4

SecOps On-prem Prerequisites Validation

Last Update il y a 6 jours

Overview On-Prem - Central Server Prerequisites Checks On-Prem - Agent Based Target Machine Prerequisites Check On-Prem - Agentless Target Machine Prerequisites Check

On-Prem - Agentless Target Machine Prerequisites Check

Dinesh

Last Update il y a 5 mois

Agent-less onboarding allows you to onboard Windows, Linux, or macOS targets without installing any agent, using WinRM or SSH.
To perform the connectivity validation, you must run the SecOps Readiness Check binary from either:
  • the SecOps Central Server, or
  • Jump Host inside your network (if required).

Follow the instructions below.

1. Choose Where to Run the Agent-Less Prerequisite Check

Before downloading anything, determine whether your Central Server can directly reach the target machines.

Option A - Run from the Central Server (Recommended)
If the target machines are directly reachable from the SecOps Central Server, you can perform the agent-less prerequisite check right from the Central Server.
  • No additional jump host setup is required.
  • Use the same SecOps Readiness Check binary already downloaded for the Central Server.
This is the simplest and preferred method.

Option B - Run from a Jump Host (If Direct Access Is Not Possible)
If your environment requires accessing the target machines through a Jump Host / Bastion Host, then the readiness check must be executed on the Jump Host.
Use this option when:
  • The Central Server cannot directly reach the target machines
  • Targets are inside restricted VLANs
  • Firewall rules only allow internal access through the Jump Host
  • Corporate network segmentation prevents direct communication
In this case, download the SecOps Readiness Check binary on the Jump Host according to its OS.
2. Download the Binary (For Jump Host Only)
If running from the Central Server → skip this section.
If running from a JumpHost → download the appropriate binary:
Windows (x64)
Download the EXE file:
Linux (x86_64)
Linux (ARM64)
3. Run the binary
Central Server
Windows (x64) - Jump Host
Linux (x86_64) - Jump Host
Linux (ARM64) - Jump Host
3. Follow On-Screen Menu
Once the binary starts, you will see an interactive menu. Select:
  • Option 1 → On-Premise Deployment
  • Option 2 → Target Machine Prerequisite Check
  • Option 2 → Agent-less
Next, select the Target OS:
  • Option 1 → Windows (WinRM)
  • Option 2 → Linux (SSH)
  • Option 3 → macOS (SSH)
  • Option 4 → Back
4. Enter Target Machine Details
After selecting the Target OS, enter the required connection details.
If you selected Windows (WinRM):
You will be prompted for:
  • Target IP Address
  • WinRM Port (default: 5985 for HTTP, 5986 for HTTPS)
  • Username
  • Password
If you selected Linux (SSH) or macOS (SSH):
You will be prompted for:
  • Target IP Address
  • SSH Port (default: 22)
  • Username
  • Authentication Method
    • Option 1 → Password
    • Option 2 → Private Key
If using a key:
  • Provide the path to the private key
5. Expected Output Summary
After the checks complete, you will see an output similar to:
Important:
  • All checks must Pass for successful Agent-Less onboarding.
  • Reverse connectivity ensures the Target machines can also communicate back to central server/jump host.
  • If WinRM/SSH authentication fails, verify:
    • Username and password
    • Private key permissions
    • Firewall rules
    • Port accessibility
    • WinRM or SSH service status
  • Blockers must be resolved before the onboarding process can continue.


Was this article helpful?

0 out of 0 liked this article

Still need help? Message Us