Updated on 2025-09-29 GMT+08:00

Installing the Agent on a Server

Scenarios

The HSS agent is a piece of software installed on servers to exchange data between the servers and HSS, implementing security detection and protection. You can use the HSS only after installing the agent.

Step 1: Prepare the Installation Environment

  1. Ensure your server OS is supported by the agent. For more information, see the table in Supported OSs.

    The agent cannot be installed on the OSs that are not in the list.

  2. Ensure the server is running properly.

    The agent cannot be installed if the server is not running.

  3. Ensure the capacity of the disk where the agent is to be installed is greater than 300 MB.

    If the available space is less than 300 MB, the agent will fail to be installed. The agent installation path cannot be customized. The following default paths are used:

    • Linux: /usr/local/hostguard/
    • Windows: C:\Program Files\HostGuard

  4. Check whether mandatory ports are enabled in the server security group.

    • Huawei Cloud servers

      For servers in regions other than CN East 2 and CN Southwest-Guiyang1, ensure the outbound rule of your security group allows access to the port 10180 on the 100.125.0.0/16 network segment. (This is the default setting.) This port is used to communicate with the HSS server. For details about how to view and modify an outbound ECS security group rule, see Modifying a Security Group.

    • Third-party cloud servers

      Ensure the outbound rule of your security group allows access to port 10180 on the 100.125.0.0/16 CIDR block. (This is the default setting.) This port is used to communicate with the HSS server.

  5. Ensure the DNS address of the server is a private DNS server address on the Huawei Cloud.

    The agent cannot be downloaded to a private DNS server address outside Huawei Cloud.

    For details about how to view and change the DNS server address, see Modifying the DNS (on the Server) or Modifying the DNS Server Address (on the Console).

  6. Uninstall third-party security software.

    Third-party security software will probably be incompatible with the HSS agent and affects HSS protection. If third-party security software is installed on your servers, uninstall it before installing the HSS agent.

  7. (Optional) For a Linux server, disable the SELinux firewall.

    The SELinux firewall may disrupt agent installation. You can enable it after the agent is successfully installed.

  8. (Optional) For Windows, ensure Microsoft Office has been installed on the server and can open the .xlsx file.

Step 2: Install the Agent on Servers

HSS can protect Huawei cloud servers and third-party servers. For details about how to install the agent on the servers, see:

Related Operations

During the environment preparation before the installation, you may need to modify the security group and DNS. The procedures are as follows.