Setup of the Microsoft Windows Agent
In order to complete the assessment of a Windows device, we require you to install an agent onto the device. The agent installation is a simple task that can either be performed manually per device or can be installed via a Group Policy Object (GPO) or via Microsoft Endpoint Manager (previously InTune) via a new Line of Business App.
Manual Deployment of standard .EXE file
You will need to have local administrative rights on the machine on which you are installing the software agent.
- Download the {CyberTecSecurityAgent.zip} file from the URL you have been provided in the CE Plus Onboarding Email and extract the .EXE file used to install the application.
DO NOT DOUBLE CLICK OR RUN THE EXE FILE DIRECTLY! - If you are not already logged in as an administrator on the machine and will be elevating privileges to install, you will need to then move the .EXE file into a location where the elevated user will still be able to see it. We suggest moving to a folder that you can find on your C:\ drive, such as C:\_Install.
(Note: when you elevate privileges, your username within the context of the elevation changes, therefore %userprofile%\Downloads, which is where you have downloaded the agent to, will not be the same user that the elevation will use and you will not be able to see the file) - Once you have the file in a location that any user of the system can access, you should open a command prompt, using elevation, so if you search for "CMD" you will then click on the "Run as administrator", which would then ask me to authenticate to elevate my access.
- From the command prompt, navigate to the location where you stored the .EXE file you downloaded earlier.
- You should then copy and paste the command line we have provided you in the email and run it by pressing ENTER.
CyberTecCloudAgent.exe CustomerId={a code will be placed here} ActivationId={a code will be placed here} WebServiceUri=https://{the URL of the test platform will be placed here/}
- The installation is silent and you will not see much happen after the agent is installed - please contact one of the assessment team once you have completed the installation and they will confirm that we are able to see all your devices checking in.
MSI FILE
The MSI File can be used with the full command line which will include the specific command line paramteters detailed within the email we sent you, prefixed by msiexec.exe /i......
Msiexec.exe /i CloudAgent_x64.msi CustomerId={your customer ID information} ActivationId={your activation ID information} WebServiceUri=https://qagpublic.qg2.apps.qualys.eu/CloudAgent/
Endpoint Manager Deployment
The agent can also be rolled out to your devices via Microsoft EndPoint Manager (Intune) via the Windows, Apps, Line of Business Application option.
- Download the Windows Installer File (MSI) which we have provided
- Sign in to your endpoint management portal
https://endpoint.microsoft.com/#home
- From the left-hand menu, select "APPS"
- From the By Platform option, select "Windows"
- Select "Add"
- Select "Line-of-business app" from the App Type menu
- Click "Select" to proceed
- Select your MSI file by clicking on "Select app package file"
- Confirm that Endpoint Manager Add App has the correct MSI and settings (default settings on the page are OK) however, you will need to enter a publisher, type in "Cyber Tec" and then click on "Next"
- You can now choose to deploy the MSI via "Add all devices" (easiest option) or you can add a group (if you have one with machines allocated) where this will deploy to a selected group of machines. Select an option and click "Next"
- Review all the settings for the App and click on "Create"
Group Policy Deployment
We recommend following Microsoft's own GPO deployment process which is available on the link below:
https://docs.microsoft.com/en-us/troubleshoot/windows-server/group-policy/use-group-policy-to-install-software