Securden Agent¶
On the end-user machines, a light-weight agent has to be installed. The agent communicates with the server periodically and gets the policies. The agent takes care of enforcing the policies. The agent can also discover the applications from end-user machines and list them on Securden applications inventory. This would come in handy to create policies.
One way communication¶
The Securden Agent makes use of the HTTPS protocol to establish connection with the Securden server through the server port (5151, by default).
The communication between the agent and the server is always one-way. So, only the inbound connection is required to be open in the firewall.
Typically, the agent tries to get the latest policy from the server when a standard user attempts to run an application. If the agent is not able to communicate with the server, it enforces the policy that was last pulled by it from the server. The product can be deployed in high availability mode with redundant servers. Agents can be pushed to the endpoints in two ways: Either directly from the GUI or through Group Policy Objects.
Data storage by agents¶
The policies fetched by the Securden agent from the server are kept in fully encrypted form. The policies are encrypted with AES-256. The policies cannot be tampered with at the agent level.
Design Highlights
- Agent communication
- One-way with the Server, HTTPS
- Data Transmission
- SSL
- Data Storage by Securden Agent
- Encrypted(AES-256)