Deploying an agent
To create an agent that can query the Client API and return properties, you can complete the following steps:
- Build your agent application. Design it to provide feedback that is based on client properties (such as compliance) returned from relevance expressions.
- Build compliance documents to define designators, relevance expressions, descriptions, and comments. These documents might describe compliance with company or government policies.
- Build an installer that ensures the correct configuration of the API before copying the program to the client.
- Create a Fixlet to target the chosen clients and include an action to copy your documents and run the installer on the client.
- Deploy the Fixlet from the console to the chosen end points. You can use extra targeting or computer grouping to reach just the subsets of endpoints you want.
- Use the API to query the client when your agent is installed and starts running.
- Use your agent to respond with comments, warnings, or quarantine that is based on the data received.
- Configure a network enforcement agent. The network enforcement agent must be configured to query the client for the compliance status that is based on the compliance document. The details of the configuration depend on which network enforcement agent is used. The client can automatically configure the network enforcement agent for many network enforcement products.
- Assess and quarantine. The network enforcement agent periodically queries the client for the compliance status of the computer. If the computer is not in compliance, it is automatically quarantined by the network enforcement agent.
- Automate remediation. Even in quarantine, the client can automatically remediate the computer into compliance, enabling the computer to be taken out of quarantine and seamlessly placed back onto the network.