Appendix A - AMC to SAM Migration Guide for Remote Agents Configuration Management

Snare Agent Manager (SAM) v2.0.0 introduces new ability to manage Snare Agents' configuration, supporting Snare Enterprise Agents v5.8.0 or newer.
Snare Agents starting from v5.8.0 are able to pull the configuration from SAM and check periodically for configuration updates.

Recommendation

Customers who use AMC to push configuration to the Agents, are encouraged to migrate to this new pull mechanism where Agent policies are defined in SAM, and Agents will pull its policy updates from SAM.
This new mechanism is more secure for the end points and provides ability to manage Agents configuration without having the web access enabled on every snare agent managed endpoint.

Please follow the steps on this page to migrate from AMC to SAM for remote management of Agents' configuration.

The existing AMC in Snare Central will be deprecated at a future date still yet to be announced as customers will only be able to manage agent policies from the SAM in the future.

Glossary

Terminology comparison between AMC and SAM

Snare Central AMC	SAM	Explanation
Snare Central \| Agent Management \| Snare Agents \| Remote Management	Windows SAM \| Agents \| Agents Management \| Agents Policies or Snare Central \| Agent Management \| Snare Agents Manager \| Agents \| Agents Management \| Agents Policies	Location of remote Agent configuration management in the Product
AMC Objective	Agents Group	Entity that allows to manage configuration of a group of Snare Agents that matches defined filters, such as Agent type, version range, IP filters, Hostname regular expression.
Master Configuration	Master Configuration	Agent configuration that is used to apply to all the Snare Agents managed by a specific Objective/Group.
AMC pushes configuration on schedule	Agents pull configuration from SAM as per polling frequency (configurable by Group)	Configuration delivery method
Agent Management Console (IA_SAM_CONFIG)	Agent Management Console (IA_SAM_CONFIG)	License feature required for using this functionality

Migration from AMC to SAM

Before starting the migration process, please get familiar with Agents Policies Management page in this User Guide.

Please take note of Compatibility Note and Recommendation in the Release Notes for Snare Agent Manager v2.0.0

Check the version of the Agents in your fleet and upgrade them to latest version (v5.8.0 or newer). Earlier versions are not supported.
If you have Snare Agents older than 5.5.0, and plan to upgrade them using SAM, please upgrade these agents BEFORE upgrading your SAM to version 2.0.0 or newer.
If using SAM on Windows, make sure SAM has "Agent Management Console" license feature.
Open SAM's Agents Policies page in a separate browser window (see page location in the table above)
For each AMC Objective in Snare Central:
1. Select an AMC Objective in the list
2. Click Schedule in the top menu, select Schedule Never to stop pushing configuration from AMC to Agents
3. Click Configure in the top menu
4. In SAM, click Add New Agent Group icon
5. Transfer AMC Objective settings to the Create New Group dialog in SAM.
  Use one of the Agents that was managed by this AMC group to pull Master Configuration from. Enter its details in Master Configuration section of the dialog.
  Refer to SAM User Guide > /wiki/spaces/SAM/pages/2172977159 for details.

Notes:

In SAM, each group manages a single Agent Type. Hence, if you need to manage both Windows and Desktop agents, please create 2 separate groups.
SAM allows to filter Agents not only by hostname regular expression, but also by IP Netmask, CIDR Block and IP Regex. Up to 5 IP filters are allowed per group. More Details: /wiki/spaces/SAM/pages/2172977159
In SAM, an Agent is automatically matched to the first group which filters it matches.
While AMC is pushing configuration to the Agents, in SAM the Agents are pulling the configuration from SAM. Hence the Agents are not required to keep open web port and SAM does not need to know the Agents' passwords.
In SAM, Master Configuration needs to be provided during the group creation. It can either be pulled from an Agent, or can be uploaded from a JSON file. More Details: /wiki/spaces/SAM/pages/2172977159
In SAM, Master Configuration can be modified either via SAM UI (selected fields only), or by editing a group and uploading it from an Agent or from a JSON file. More Details: /wiki/spaces/SAM/pages/2172977159
In SAM, User can view the list of Agents managed by the Group and their status by clicking on the group name. More Details: /wiki/spaces/SAM/pages/2172977159

Feature Comparison

List of Agents

AMC	SAM
Click on an AMC Objective Click Regenerate in the top menu Navigate to the Left tab Snare Agents to see 4 categories of Agents: Agents matching the master configuration (if master configuration is set) Agents with a configuration that is different to the master configuration Agents that cannot be contacted Agent with a type different than Objective's Agent Type	Click on a Group See the Agents assigned to the group listed in the right panel

Master Configuration

AMC	SAM
Click on an AMC Objective Click Regenerate in the top menu Navigate to the second tab Master Config to see Master Configuration details and edit selected settings.	Click on a Group Click Master Configuration tab in the right panel to see Master Configuration details and edit selected settings..

Issues Applying Configuration

AMC	SAM
Click on an AMC Objective Click Regenerate in the top menu Navigate to the Processing Errors tab to see any issues connecting to Agents Navigate to the Config Differences tab to see side by side comparison of Agent configuration to Master Config	Click on a Group Find the Agent in the list of Agents See the Agent Status. If the Agent connected to SAM, but failed to apply all or some of the settings from Master Configuration, its Status will be Out of Date. More details about Agent statuses: /wiki/spaces/SAM/pages/2172977159 Click the status to view the errors in a pop-up dialog: