You need to install a Cloud Agent (CA) activated for EDR on each asset you want to monitor for suspicious activity.
You must upgrade to following Cloud Agent versions to utilize all the EDR functionality:
- Windows: 4.1 and above
- Linux: 6.1.0 and above
In this section we have covered the following:
|
|
|
|
|
|
Perform the following steps if you are a new EDR customer:
> QualysCloudAgent.exe CustomerId={xxxxxxxx-xxxx-xxxxxxxxxxxxxxxxxxxx}
ActivationId={xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx}
WebServiceUri=<platform_url>/CloudAgent/
Perform the following steps if you are an existing EDR customer:
Our cloud platform gives you continuous security updates through the cloud using lightweight cloud agents. Go to the Cloud Agent (CA) application to install agents and activate them for EDR. It's possible to activate existing agents for EDR with other capabilities like VM and PC.
1. From the EDR homepage, click Configure Agents for EDR. Click Manage Cloud Agent Keys. You are redirected to the Cloud Agent application. |
|
2. Click Agent Management > Activation Keys > New Key. Give a title and provision for the EDR application and click Generate. You can provide the same key for any other applications in your account. |
|
3. Click on Install Instructions against Windows (.exe). Want to do this step later?Want to do this step later? No problem, just exit the wizard. When you’re ready, return to your activation keys list, select the key you want to use, then Install Agent from the Quick Actions menu. |
![]() |
4. Review the installation requirements and click Download. Run the installer on each host from an elevated command prompt, or use a systems management tool or Windows group policy. Your agents should start connecting to our cloud platform. |
|
5. Activate your agents for EDR. Go to the Agents tab, choose an agent and Activate for FIM or EDR or PM or SA from the Quick Actions menu. (Bulk activation is supported using the Actions menu). In the Activate Agents window, enable the EDR agent and click Activate. |
|
Before creating a profile, assign Malware Protection tags. For more information, see Create and Assign Tags
As part of cloud agent installation and setup, you should enable EDR from the Configuration Profile of the Cloud Agent application. This is required for EDR data collection. You can enable EDR only when the agents are activated with EDR. Perform the following steps in the Cloud Agent application to enable EDR in a New Profile:
The Initial Profile is a system-generated profile that is listed in the Configuration Profiles by default. This profile can not be edited or deleted.
Once the profile is created and listed in the Configuration Profiles, you should assign a profile to an agent. Perform the following steps in Cloud Agent application to assign a profile to an agent:
Was this topic helpful?