Use agent-initiated communication with cloud accounts
If any of the computers you are protecting with Deep Security are in cloud accounts, we recommend that you use agent-initiated communication to prevent communication issues between the Deep Security Manager and agents.
If you are using Deep Security as a Service, agent-initiated communication is enabled by default. The full list of Deep Security default communication direction settings is as follows:
|Deep Security AMI from AWS Marketplace||bidirectional|
|Deep Security as a Service||Agent-initiated|
To use agent-initiated communication, you must first enable it on a policy, and then assign that policy to a deployment script.
Enable agent-initiated communication on the policy
You can enable agent-initiated communication by either modifying an existing policy or by creating a new one.
You can quickly create a new policy from an existing policy by right-clicking it and selecting Duplicate.
- On the Policies page, double-click the policy.
- Select Settings > Computer or Settings > General.
- Under Communication Direction, select Agent/Appliance Initiated.
- Click Save.
Assign the policy to a deployment script
- In the upper-right corner, click Support > Deployment Script.
- Select your platform from the list.
- Select Activate Agent automatically after installation, and then select your policy from the list.
- Click Close.
To learn how to use deployment scripts to apply protection to your computers, see Deploy Deep Security agents to your AWS instances.