Appendix A - AMC to SAM Migration Guide for Remote Agents Configuration Management
Snare Agent Manager (SAM) v2.0.0 introduces new ability to manage Snare Agents' configuration, supporting Snare Enterprise Agents v5.8.0 or newer.
Snare Agents starting from v5.8.0 are able to pull the configuration from SAM and check periodically for configuration updates.
Recommendation
Customers who use AMC to push configuration to the Agents, are encouraged to migrate to this new pull mechanism where Agent policies are defined in SAM, and Agents will pull its policy updates from SAM.
This new mechanism is more secure for the end points and provides ability to manage Agents configuration without having the web access enabled on every snare agent managed endpoint.
Please follow the steps on this page to migrate from AMC to SAM for remote management of Agents' configuration.
The existing AMC in Snare Central will be deprecated at a future date still yet to be announced as customers will only be able to manage agent policies from the SAM in the future.
Glossary
Terminology comparison between AMC and SAM
Snare Central AMC | SAM | Explanation |
---|---|---|
Snare Central | Agent Management | Snare Agents | Remote Management | Windows SAM | Agents | Agents Management | Agents Policies or Snare Central | Agent Management | Snare Agents Manager | Agents | Agents Management | Agents Policies | Location of remote Agent configuration management in the Product |
AMC Objective | Agents Group | Entity that allows to manage configuration of a group of Snare Agents that matches defined filters, such as Agent type, version range, IP filters, Hostname regular expression. |
Master Configuration | Master Configuration | Agent configuration that is used to apply to all the Snare Agents managed by a specific Objective/Group. |
AMC pushes configuration on schedule | Agents pull configuration from SAM as per polling frequency (configurable by Group) | Configuration delivery method |
Agent Management Console (IA_SAM_CONFIG) | Agent Management Console (IA_SAM_CONFIG) | License feature required for using this functionality |
Migration from AMC to SAM
Before starting the migration process, please get familiar with Agents Policies Management page in this User Guide.
Please take note of Compatibility Note and Recommendation in the Release Notes for Snare Agent Manager v2.0.0
- Check the version of the Agents in your fleet and upgrade them to latest version (v5.8.0 or newer). Earlier versions are not supported.
If you have Snare Agents older than 5.5.0, and plan to upgrade them using SAM, please upgrade these agents BEFORE upgrading your SAM to version 2.0.0 or newer. - If using SAM on Windows, make sure SAM has "Agent Management Console" license feature.
- Open SAM's Agents Policies page in a separate browser window (see page location in the table above)
- For each AMC Objective in Snare Central:
- Select an AMC Objective in the list
- Click Schedule in the top menu, select Schedule Never to stop pushing configuration from AMC to Agents
- Click Configure in the top menu
- In SAM, click Add New Agent Group icon
- Transfer AMC Objective settings to the Create New Group dialog in SAM.
Use one of the Agents that was managed by this AMC group to pull Master Configuration from. Enter its details in Master Configuration section of the dialog.
Refer to SAM User Guide > /wiki/spaces/SAM/pages/2172977159 for details.
Notes:
- In SAM, each group manages a single Agent Type. Hence, if you need to manage both Windows and Desktop agents, please create 2 separate groups.
- SAM allows to filter Agents not only by hostname regular expression, but also by IP Netmask, CIDR Block and IP Regex. Up to 5 IP filters are allowed per group. More Details: /wiki/spaces/SAM/pages/2172977159
- In SAM, an Agent is automatically matched to the first group which filters it matches.
- While AMC is pushing configuration to the Agents, in SAM the Agents are pulling the configuration from SAM. Hence the Agents are not required to keep open web port and SAM does not need to know the Agents' passwords.
- In SAM, Master Configuration needs to be provided during the group creation. It can either be pulled from an Agent, or can be uploaded from a JSON file. More Details: /wiki/spaces/SAM/pages/2172977159
- In SAM, Master Configuration can be modified either via SAM UI (selected fields only), or by editing a group and uploading it from an Agent or from a JSON file. More Details: /wiki/spaces/SAM/pages/2172977159
- In SAM, User can view the list of Agents managed by the Group and their status by clicking on the group name. More Details: /wiki/spaces/SAM/pages/2172977159
Feature Comparison
List of Agents
AMC | SAM |
---|---|
|
|
Master Configuration
AMC | SAM |
---|---|
|
|
Issues Applying Configuration
AMC | SAM |
---|---|
|
|