Help Center/ Host Security Service/ FAQs/ Agent/ What Resources Will Be Accessed by the Agent After It Is Installed on a Server?
Updated on 2024-06-28 GMT+08:00

What Resources Will Be Accessed by the Agent After It Is Installed on a Server?

Table 1 describes the devices, IP addresses, and ports that Huawei Cloud ECSs usually access after the agent is installed.

Table 1 IP addresses description

Source Device

Source IP

Source Port

Destination Device

Target IP

Destination Port (Listening)

Protocol

Access Description

Remarks

HSS Agent

Management IP address of the agent

Random

HSS server

HSS server-IP1

HSS server-IP2

10180

TCP

The HSS agent can access HSS server nodes to obtain policies, configurations, and instructions delivered by the server, download agent software packages, upgrade packages, and signature databases, report alarm events, asset fingerprint databases, and baseline check results, and upload suspicious executable program files with user authorization.

The IP address of the HSS server in each region is different. The agent accesses each IP address using a domain name. The format of the domain name is hss-agent.{{REGION_ID}}.myhuaweicloud.com.REGION_ID. For details about the domain name of each region, see the installation commands in "Agent Installation Guide".

Metadata service node

IP address of the metadata service node

80

The HSS agent obtains the metadata information of the server where the agent is located, including the UUID, availability_zone, project_id, and enterprise_project_id of the ECS.

-