Updated on 2024-09-25 GMT+08:00

Checking the Installation Environment

Agent installation has restrictions on security group outbound ports, DNS server addresses, and third-party security software. Before installing it, perform the operations in Checking the Installation Environment to ensure the installation requirements are met.

Checking the Installation Environment

  1. Ensure your server OS is supported by the agent. For more information, see the table in Supported OSs.

    The agent cannot be installed on the OSs that are not in the list.

  2. Ensure the server is running properly.

    The agent cannot be installed if the server is not running.

  3. Ensure the capacity of the disk where the agent is to be installed is greater than 300 MB.

    If the available space is less than 300 MB, the agent will fail to be installed. The agent installation path cannot be customized. The following default paths are used:

    • Linux: /usr/local/hostguard/
    • Windows: C:\Program Files\HostGuard

  4. Check whether mandatory ports are enabled in the outbound direction of the server security group.

    • Huawei Cloud servers

      Ensure the outbound rule of your security group allows access to the port 10180 on the 100.125.0.0/16 CIDR block. (This is the default setting.) This port is used to communicate with the HSS server. For details about how to view and modify an outbound security group rule, see Modifying a Security Group.

    • Third-party servers

      When installing the agent on a Windows server, ensure that the inbound security group of the server allows access to port 5985. This port is used to communicate with the HSS server.

  5. Uninstall third-party security software.

    Third-party security software will probably be incompatible with the HSS agent and affects HSS protection. If third-party security software is installed on your servers, uninstall it before installing the HSS agent.

  6. (Optional) For a Linux server, disable the SELinux firewall.

    The SELinux firewall may disrupt agent installation. You can enable it after the agent is successfully installed.

  7. (Optional) For Windows, ensure Microsoft Office has been installed on the server and can open the .xlsx file.

Modifying a Security Group

To install the agent, ensure the security group of the server allows outbound access to port 10180 of the 100.125.0.0/16 CIDR block. This section describes how to view and modify ECS security group rules.

  1. Log in to the management console.
  2. In the upper left corner, select a region and a project.
  3. Click in the upper left corner of the management console and choose Computing > Elastic Cloud Server. The Elastic Cloud Server page is displayed.
  4. In the ECS list, click the name of an ECS.
  5. On the ECS details page, click the Security Groups tab and click Manage Rule.
  6. Click the Outbound Rules tab and add a rule, as shown in Table 1.

    Table 1 Security group rules

    Priority

    Action

    Type

    Protocol & Port

    Destination

    Description

    1

    Allow

    IPv4

    TCP

    10180

    100.125.0.0/16

    Communicates with the HSS server.