Use agent-initiated communication with cloud accounts

If any of the computers you are protecting with Deep Security are in cloud accounts, we recommend that you use agent-initiated communication to prevent communication issues between the Deep Security Manager and agents.

If you are using Deep Security as a Service, agent-initiated communication is enabled by default. The full list of Deep Security default communication direction settings is as follows:

Deep Security bidirectional
Deep Security AMI from AWS Marketplace bidirectional
Deep Security as a Service Agent-initiated

To use agent-initiated communication, you must first enable it on a policy, and then assign that policy to a deployment script.

Enable agent-initiated communication on the policy

You can enable agent-initiated communication by either modifying an existing policy or by creating a new one.

You can quickly create a new policy from an existing policy by right-clicking it and selecting Duplicate.

  1. On the Policies page, double-click the policy.
  2. Select Settings > Computer or Settings > General.
  3. Under Communication Direction, select Agent / Appliance Initiated.
  4. Click Save.

Assign the policy to a deployment script

  1. In the upper-right corner, click Support > Deployment Script.
  2. Select your platform from the list.
  3. Select Activate Agent automatically after installation, and then select your policy from the list.
  4. Click Close.

To learn how to use deployment scripts to apply protection to your computers, see Deploy Deep Security agents to your AWS instances.