Remote installation of the client software

You can remotely install the security software on any unprotected computer discovered. To do that, you must have a discovery computer set up that can connect to the computer you want to install the software on.

Remote installation is only compatible with Windows platforms.

Operating system and network requirements

To install Advanced EDR remotely, make sure the target computers meet these requirements:

• UDP ports 21226 and 137 must be open for the system process.

• TCP port 445 must be open for the system process.

• NetBIOS over TCP must be enabled.

• DNS resolution must be enabled.

• Access to the Admin$ administrative share must be allowed. You must explicitly enable this feature on Windows Home editions.

• You must have domain administrator credentials or credentials for the local administrator account created by default when the operating system was installed.

• Windows Remote Management must be enabled.

To meet these requirements quickly without needing to manually add rules to the Windows firewall, turn on network discovery and file and printer sharing. In Control Panel > Network and Sharing Center > Advanced Sharing Settings, select Turn on network discovery and Turn on file and printer sharing.

• Additionally, for a network computer with Advanced EDR installed to find unmanaged computers on the network, the computers must:

  • Not be hidden by the administrator.

  • Not be currently managed by Advanced EDR on Cytomic Platform.

  • Be located on the same subnet segment as the discovery computer.

Remote installation from the Unmanaged computers discovered list

• Go to the Unmanaged computers discovered list.

  • Go to the My lists section in the left menu. Click the Add link. From the window displayed, select the Unmanaged computers discovered list.

  • Go to the Status menu at the top of the console. In the Protection status widget, click the xx computers have been discovered that are not being managed by Advanced EDR link.

  • Go to the Computers menu at the top of the console. Click Add computers. Select Discovery and remote installation. A wizard opens. Click the View unmanaged computers discovered link.

• In the Unmanaged computers discovered list, click Discovered or Hidden, based on the status of the relevant computers.

• Select the computer you want to install the software on.

  • To install the software on multiple computers simultaneously, select the checkboxes to the left of each computer, then select Install Cytomic agent from the general context menu.

  • To install the software on a single computer, click the computer’s context menu, then click Install Cytomic agent.

• Configure the installation by following the steps described in Generating the installation package and manual deployment.

• Enter one or multiple installation credentials. Use the local administrator credentials for the target computer(s) or domain administrator credentials.

Remote installation from the computer details page

Select a discovered computer. The computer details page opens. Click Install Cytomic agent. Follow the steps described in Generating the installation package and manual deployment.

Differences in the installation process based on the discovery method used

The procedure to install the protection on selected computers varies based on the method used to discover them.

Installing the protection on computers discovered using network scanning

When a discovery computer discovers another computer using network scanning, it is always connected to the discovered computer. No additional configuration is required beyond what is described in Generating the installation package and manual deployment.

• If all computers are discovered by the same discovery computer: The discovery computer launches the installation process on all discovered computers.

• If NOT all computers are discovered by the same discovery computer: Each discovery computer launches the installation process on the computers it discovered.

Installing the protection on computers discovered using Active Directory

The fact that a discovery computer discovers another computer by searching in Active Directory does not necessarily mean that it is connected to the discovered computer. In such a case, to remotely install the security software, you must select the discovery computer that will connect to the discovered computer to perform the installation.

• If all selected computers were discovered only through Active Directory, you must select the installer computers that will launch the installation process on the selected computers.

• If the selected computers include computers that were discovered using both methods, you must select the discovery computer that will launch the installation on the selected computers that were discovered only through Active Directory. For all other computers, install the protection as usual by following the steps in Generating the installation package and manual deployment.

Possible installation errors

If the installer computer cannot successfully connect to the discovered computer, the following installation errors are shown: 

• In the unmanaged computers discovered list: Error installing. Unable to connect to the computer. See Viewing discovered computers.

• On the Computer details page: Error installing the Cytomic agent. Make sure the computer is turned on and meets the remote installation requirements. See Computer discovery and remote installation of the client software.