View Categories

Pre-requisites for Saner CVEM Deployment

Print Friendly, PDF & Email

Monitoring System

  • A desktop or laptop computer with the latest version of one of the following web browsers to access the Saner web console:
    • Google Chrome
    • Mozilla Firefox
    • Apple Safari
    • Microsoft Edge

Network Requirements

The following changes must be done on your network:

  • Allow outgoing HTTPS connections on port 443 between Saner Agents and the Saner Server.
  • Allow WebSocket communications in your network.
  • Allow the Saner Agent to upload .zip files to the Saner Server.
  • If you plan to integrate Active Directory with the Saner Server, allow outgoing TCP connections on the ports configured for Active Directory.
  • If you plan to designate an existing device to integrate with Active Directory, ensure that outgoing TCP connections are allowed between the device and Active Directory on the configured ports.
  • Whitelist either the following URLs or IP addresses in your firewall:
    • URLs: https://saner.secpod.com, https://resources.secpod.com
    • IP addresses: 15.197.185.143, 3.33.186.66
  • For users on the Saner EU SaaS platform:
    • Allow outbound traffic between the Saner Agent and eu.saner.secpod.com.
    • You may whitelist the domain eu.saner.secpod.com or the following IP addresses:
      • 15.197.232.162
      • 99.83.146.109
  • If you are using a proxy server:
    • Ensure outbound traffic is allowed between the Saner Agent and saner.secpod.com.
    • For the Saner EU platform, allow traffic between the Saner Agent and eu.saner.secpod.com.

Patch update repository requirements

You must have either one of the below options available in your environment.

For OS Patching

Option 1: Endpoints should be configured to take updates from respective update servers.

  • WSUS server (for Windows operating systems)
  • YUM repository (for RPM-based Linux systems)
  • DPKG repository (for Debian-based Linux systems)
  • macOS Software Update Server (for macOS systems)

Option 2: Ensure that endpoints have an active internet connection to reach the vendor’s cloud patch site.

For Third-Party Applications Patching

To patch third-party applications, you must have one of the following options available in your environment:

  • Option 1: Use patch repositories built and maintained by SecPod.
  • Option 2: Create a local HTTP, HTTPS, or FTP repository to host the content provided by SecPod.

Prerequisites for Saner Agent

You can install Saner Agents on endpoints running Windows, Linux, macOS, or AIX.
Ensure that each device has at least 800 MB of available disk space and 400 MB of available RAM.

System Privileges

  • Windows: Install the Saner Agent using an account that has administrator privileges.
  • macOS and Linux: Install the Saner Agent using an account that has root privileges or by using the sudo command.
  • AIX: Install the Saner Agent using the root account or an account that has equivalent root privileges.

Antivirus Exclusion List

Add the following files and services to the exclusion list of the antivirus software running on each endpoint.

On Windows Devices

  • C:\Program Files (x86)\SecPod Saner
  • spdialogbox20.exe
  • spdialogbox.exe
  • spagentwatchdog.exe
  • spupgradecontroller.exe
  • spscanmanager.exe
  • spsaneruninstall.exe
  • spsanerrun.exe
  • spsaneragnt.exe
  • spldapmanager.exe
  • spfirmware32.exe
  • spfirmware64.exe
  • spnmapresultmanager.exe
  • spfileindexer.exe
  • sptaskhandler.exe

If you use Remote Access—Saner EM’s on-demand remote support tool—add the spremoteconnector.exe process to the antivirus exclusion list on Windows systems.

On Linux Devices

  • /usr/bin/spsaner.service
  • /usr/bin/spscanmanager
  • /usr/bin/spagentwatchdog
  • /usr/bin/spsaner_servicelauncher
  • /usr/sbin/spsaneragent
  • /etc/saner
  • /var/saner/
  • /usr/lib64/saner
  • /var/log/saner

If you use Remote Access—Saner EM’s on-demand remote support tool—add the /opt/saner folder and the spremoteconnector process to the antivirus exclusion list on Linux 64-bit devices.

On Mac Devices

  • /usr/local/bin/spsaneragent
  • /usr/local/bin/spscanmanager
  • /usr/local/bin/spagentwatchdog
  • /usr/local/bin/spupgradecontroller
  • /usr/local/bin/spmessagebox,
  • /usr/local/bin/spsaner_deactivate
  • /etc/saner
  • /var/saner
  • /user/local/lib/saner
  • /var/log/saner

If you use Remote Access—Saner EM’s on-demand remote support tool—add the /opt/saner folder and the spremoteconnector process to the antivirus exclusion list on macOS devices.

On AIX Devices

  • /etc/rc.d/init.d/spsaner
  • /usr/bin/spsanerd
  • /usr/bin/spscanmanager
  • /usr/bin/spagentwatchdog
  • /usr/bin/spsaner_servicelauncher
  • /usr/sbin/spsaneragent
  • /etc/saner
  • /var/saner/
  • /usr/lib/saner
  • /var/log/saner
Important

If you are using Saner Network Scanner, ensure ‘nmap‘ is added to the antivirus program’s exclusion list running on your endpoints.
On Windows devices, ensure ‘nmap’ and ‘npcap’ are added to the antivirus program’s exclusion list.