/ DOCS
nav-img
Advanced

Agent Overview

What Is an Agent?

The HSS agent is a piece of software installed on cloud servers to exchange data between the servers and HSS, implementing security detection and protection. If no agent is installed, the HSS is unavailable.

Scans all servers at 00:00 every day; monitors the security and monitors status of servers; and reports the collected server and monitors information (including non-compliant configurations, insecure configurations, intrusion traces, software list, port list, and process list) to the cloud protection center. In addition, the agent blocks attacks targeted at servers and containers based on the security policies you configured.

Supported OSs

Currently, some mainstream OSs are supported. For details, see OS Restrictions. To obtain better HSS service experience, you are advised to install or upgrade to an OS version supported by the agent.

Processes When the Agent Is Running

  • Linux

    The account of the agent is root. Table 1 lists the running processes on a Linux server.

    Table 1 Agent running process on a Linux server

    Agent Process Name

    Function

    Path

    hostguard

    Detects security issues, protects the system, and monitors the agent.

    /usr/local/hostguard/bin/hostguard

    hostwatch

    Monitors the agent process.

    /usr/local/hostguard/bin/hostwatch

    upgrade

    Upgrades the agent.

    /usr/local/hostguard/bin/upgrade

  • Windows

    The account of the agent is system. Table 2 lists the running processes on a Windows server.

    Table 2 Agent running process on a Windows server

    Agent Process Name

    Function

    Path

    hostguard.exe

    Detects security issues, protects the system, and monitors the agent.

    C:\Program Files\HostGuard\HostGuard.exe

    hostwatch.exe

    Monitors the agent process.

    C:\Program Files\HostGuard\HostWatch.exe

    upgrade.exe

    Upgrades the agent.

    C:\Program Files\HostGuard\upgrade.exe

Agent Release Notes

OS

Agent Version

Version Update

Linux

3.2.11

  • Fixed the issue that container information occasionally fails to be collected.

3.2.10

  • Added automatic virus scan and removal.
  • Supported IPv6 addresses.
  • Added the port honeypot function.
  • Fixed known issues of the honeypot module on the live network.

3.2.9

  • Added the virus scan and removal function to support quick, full-disk, and custom scan and removal. Static files on disks can be scanned to enhance virus defense capabilities.
  • Added the antivirus detection function to check the files flushed to disks in real time and identify most known malicious programs.
  • Added the emergency vulnerability detection function to check for emergency vulnerabilities.
  • Fixed known issues on the live network.

Windows

4.0.22

  • Added automatic virus scan and removal.
  • Supported IPv6 addresses.
  • Added the port honeypot function.
  • Fixed known issues of the honeypot module on the live network.

4.0.20

  • Added the virus scan and removal function to support quick, full-disk, and custom scan and removal. Static files on disks can be scanned to enhance virus defense capabilities.
  • Added the common weak password detection function to check for weak passwords in Windows.
  • Fixed known issues on the live network.

4.0.19

  • Added the samples uploading function.
  • Added the application control (process whitelist) function.
  • Brute-force attack detection is supported for SQL Servers.
  • Added the baseline check function for SQL Server.
Предыдущая статья
Installing the Agent on Servers
Следующая статья
Checking the Installation Environment
Была ли эта статья полезна?
Поддержка Юридические документы
© 2025 Cloud.ru