What is the Portnox AgentP?
In this topic, you will learn what is the Portnox™ AgentP software and how it works.
Portnox AgentP is a lightweight software agent for installation on user devices. AgentP is not necessary to use Portnox Cloud but without it, some functions of Cloud are not available.
The following are the benefits of using Portnox AgentP:
-
More information about the device: With AgentP, Portnox Cloud has access to additional information about the device. It knows the device type, operating system, user, IP address, system configuration, installed applications, and more.
-
Easier onboarding: Onboarding with AgentP is easier and faster than by configuring connections manually, especially if you want to use certificates for user/device authentication.
-
Risk policies: Since AgentP has access to more information about the device, it is possible to use it to build the device risk policy, and then control network access based on the risk level. For example, you can use AgentP to discover that an Android phone has risky software installed, or that a Windows disk encryption is not active.
-
Remediation: AgentP also lets you perform automatic remediation actions on user devices. For example, if it discovers that the device’s antivirus software is out of date or turned off, it can update it and turn it on.
Installation requirements
AgentP is available on the following platforms:
- Microsoft Windows (7 SP3 and higher)
- Apple macOS (10.9 Mavericks and higher)
- Apple iOS (7 and higher)
- Android (5 Lollipop and higher)
- Linux (Ubuntu 14.04 and higher, Debian 7 and higher, Mint 17 and higher, CentOS 7.2 and higher, RHEL 7.1 and higher)
Resource requirements:
-
Memory and disk consumption:
- Windows: Approximately 75 MB RAM and approximately 9 MB of disk space.
- MacOS: Approximately 24 MB RAM and approximately 12 MB of disk space.
-
CPU consumption: A prolonged test using a 2012 Intel i7 Dual-Core processor has shown AgentP consuming 0.1 % of CPU peek during normal operation. CPU only spiked higher during initial provisioning and other one-off tasks of interacting with the AgentP UI.
-
Network bandwidth consumption: Negligible. In a prolonged test, the consumption averaged 211 bps up (241 total packets) and 122 bps (115 total packets).
Data collected by AgentP
Desktop:
| Data type | More information |
|---|---|
| Administrative vulnerabilities | Windows only (local administrators, guests, Users with non-expiring or weak passwords, anonymous access) |
| Application installation source | macOS – from where applications are allowed to be installed |
| Auto-login | |
| Bitlocker | |
| Network adapters | |
| Operating system | |
| Processor | |
| General computer information | Manufacture, name, domain |
| Critical software | Java.net versions, Adobe plugins |
| FileVault status | macOS only |
| Firewall | |
| Hosts file data | |
| Installed applications | |
| Installed certificates | On a machine level, not per user |
| Logged-in user information | |
| Location | |
| Disk drives | |
| Operating memory | |
| Motherboard | |
| Network adapters | |
| Open network connections | |
| Open ports | |
| Passcode policy | macOS only |
| Peripheral devices | |
| Running process | |
| Running services | |
| Security products | Antivirus, anti-spyware, anti-malware |
| Installed hotfixes | |
| TPM status | |
| Logged-in user browser | Account, extensions, plugins |
| Windows features | Windows only |
| Windows update settings | Status, WSUS |
| Direct access status |
Mobile:
| Data type | More information |
|---|---|
| Are unknown source apps allowed | Android only |
| Device accounts | |
| Encryption status | |
| Form factor | |
| GSM network information | |
| GSM settings | |
| Installed applications | iOS: only if MDM-enrolled |
| Internal storage information | |
| Is the device jailbroken? | |
| Location | |
| Model | |
| Push notification registration status | iOS only |
| Open connections | |
| Open ports | |
| OS version | |
| Passcode status | |
| Timezone | |
| Wi-Fi network information |