Requirements and Prerequisites

Pre-requisites are requirements essential to be met for onboarding success, which includes successful installation of the agent and Syxsense software’s further functioning. Pre-requisites are the first thing you should check before installing Syxsense as failure to review and implement pre-requisite configuration recommendations will lead to the product not functioning either fully or partially.

It is essential that all the prerequisites are configured properly! If you follow, for instance, the vRep installation instructions but won't whitelist BLOB storage in the antivirus and firewall, you will be able to see the console but won't be able to distribute software or patch. And if you don't whitelist CloudManagementSuite, the system won't function at all.

In this section, you will find out how to prepare your system for Syxsense agent installation, device discovery, and further management, what locations your firewall should whitelist, which directories should be configured, and which ports should be opened internally to provide flawless functioning of Syxsense.

We organized all the requirements in an easy-to-read form for your convenience. So, don't forget to double-check that all the requirements are met, and all the needed exclusions are in place.

 Visit Get Started section for more information.

Windows devices support all features of Syxsense Manage, Secure and EnterpriseWindows devices support all features of Syxsense Manage, Secure and Enterprise

Devices below are supported for vRep, MicroAgent, standard discovery, and agentless installations:

  • Windows 7 (patching only with ESU activation)
  • Windows 8.1
  • Windows 10
  • Windows 11
  • Windows Server 2008 R2 (patching only with ESU activation)
  • Windows Server 2012 R2
  • Windows Server 2016
  • Windows Server 2019
  • Windows Server 2022

OS Requirements for Windows Devices

  • Net Framework 2.0
  • Net Framework 4.0 Full Version (not Client Profile)

Linux devices support discovery, inventory, and patching with Syxsense Manage and EnterpriseLinux devices support discovery, inventory, and patching with Syxsense Manage and Enterprise

Linux OS variants below are supported over SSH from the vRep client (requires at least 1 Windows device for vRep):

  • CentOS (version 7 or above)
  • Debian (version 9 or above)
  • Oracle Linux (version 7 or above)
  • RedHat (version 7 or above)
  • RedHat (version 7.9)
  • SUSE (version 12 SP2 or above)
  • openSUSE (version 15 or above)
  • Ubuntu (version 16.04 (LTS) or above)
  • Ubuntu (version 20.04 LTS)
  • Rocky Linux (all versions)
  • Amazon Linux (version 2)

Any authorized SSH account will suffice; however, ensure that the account is part of the 'sudoers' file, or simply has 'sudo' access. This will ensure that the account can run the necessary install commands with root privileges. This is required for all variants of Linux.

Mac devices support discovery, inventory, patching, software deployment, and remote control with Syxsense Manage and EnterpriseMac devices support discovery, inventory, patching, software deployment, and remote control with Syxsense Manage and Enterprise

Devices below are supported for Mac Agent installations and over SSH (with Remote Management enabled; only Patching supported over SSH).

  • OS X Sierra
  • OS X High Sierra
  • OS X Mojave
  • OS X Catalina

Discovery and ManagementDiscovery and Management

To discover and manage other devices on your network the following requirements must be met:

  • Install a vRep and approve the vRep from the Devices vReps section 
  • Add administrator account(s)
  • The vRep will need to be able to connect to devices over TCP ports 139 and 445 (Administrative/C$ Shares). These are the typical Windows SMB ports used for remote administration and with Active Directory. If you use the Windows Firewall, you can enable File and Printer Sharing to open these ports. For Workgroup devices, simply install the MicroAgent software (easier method than making environmental changes).

Whitelisted Locations Whitelisted Locations

The following locations must be whitelisted by the firewall (or refer to vRep Relay functionality):

Location Reason
(your-site-name).cloudmanagementsuite.com To ensure devices can reach cloud console and for console email notifications
verismic.blob.core.windows.net Clustered content repository within Microsoft Azure

Antivirus / HIPS ExceptionsAntivirus / HIPS Exceptions

Before any installation occurs, please ensure that all existing solutions have exceptions for Syxsense communication. The following directories must be excluded from any endpoint protection software:

Directory Location Reason
C:\$VCMSTEMP$\ Standard installation directory for vRep and MicroAgent
C:\Program Files (x86)\Verismic\ Standard installation directory for vRep
C:\Windows\System32\config\systemprofile\ Appdata\Roaming\Verismic CMS\ Standard installation directory for vRep and MicroAgent certificates and task logs

Network Port RequirementsNetwork Port Requirements

Standard service ports to open internally:

Port Direction Recommendation Reason
Port 80 Local to Internet Required Download of patches from software vendor download sites. Download of Patches from Syxsense Content Server.
TCP Port 443 (HTTPS) Internal/External Required All communication to the cloud console
TCP Port 135 Internal Optional Discovery: vRep to Windows devices
TCP Port 139 Internal

Recommended; Required for Discovery

 Discovery: vRep to Windows devices
TCP Port 445 Internal Recommended; Required for Discovery Discovery: vRep to Windows devices
TCP Port 22 Internal Optional; Required for Discovery and Linux/Mac Discovery: vRep to Linux/Mac devices

Custom service ports to open internally:

Port Direction Recommendation Reason
TCP Port 51339 Internal Recommended Remote Control
TCP Port 51340 Internal Recommended Remote Control
TCP Port 51341 Internal Recommended Syxsense Management
TCP Port 51342 Internal Required for P2P vRep to Managed Device
TCP Port 51343 Internal Recommended Software Deployment
TCP/UDP Port 51344 Internal Recommended Software Deployment
TCP/UDP Port 51345 Internal Required for vRep Relay vRep Relay Functionality

vRep Proxy Relay Configuration (if required)vRep Proxy Relay Configuration (if required)

For private network devices without Internet access, Syxsense can manage these devices using our vRep.  The vRep acts as a centralized proxy and discovery agent, relaying data to/from the private network to the perimeter and back to the cloud services.

Sample environment diagram:

How to implement the Proxy Relay:

  • Install a vRep in the perimeter (or subnet where it will have Internet access)
  • In the Syxsense console, create a Site to represent the private network/subnet
  • Assign the intended vRep device to the site (right-click the Site and choose Config vReps)
  • Before leaving the Site Config, place all required IP Address Ranges in the IP Address Ranges section
  • Run a Discovery Task on the new Site and all ranges applicable. During the Discovery Task Wizard, administrative/service account details will be required.
  • Repeat the process for each private network

During the discovery process, the vRep will automatically assign itself as the proxy to manage these devices. These devices will send traffic through the vRep, so that Internet access is not required on the private network.