Windows Agent Overview and System Requirements
Overview
The Lacework Windows agent provides threat detection, file and Windows registry integrity monitoring, vulnerability detection, and host-based intrusion detection for your Cloud or on-premises Windows Server OS-based workloads.
After you install the agent, the agent and the Lacework server (API endpoint) communicate with each other. The agent scans your hosts and securely forwards select metadata to the Lacework server to build a baseline of normal behavior. From this, Lacework provides alerts for anomalous behavior.
The system requirements for the Windows agent are described below.
Supported Operating Systems
The Windows agent supports the following 64-bit Windows Server operating systems:
| Operating System |
|---|
| Windows Server 2022 |
| Windows Server 2019 |
| Windows Server 2016 |
| Windows Server 2012 R2 |
| Windows Storage Server 2012 R2 |
Before installing the agent on Windows Server 2012 R2 or Windows Storage Server 2012 R2, find the agent server URL to be used during installation using the instructions in Agent Server URL for Windows Server 2012 R2 and Windows Storage Server 2012 R2.
- The operating system must support Transport Layer Security (TLS) 1.2.
- Do not install the Windows agent on personal computer versions of Windows operating systems installed on desktop computers, laptops, and workstations.
Supported PowerShell Versions
- PowerShell 5.0 or later version
Lacework recommends upgrading to a supported PowerShell version because the agent does not support monitoring suspicious PowerShell script executions in PowerShell versions older than version 5.0.
Supported Deployments
The Windows agent supports the following flexible deployment models:
| Deployment Model |
|---|
| Active Directory |
| Standalone Deployments |
Cloud-Based Host Machine Recommendations
The following are the minimum hardware requirments for installing the Larework Windows agent on Cloud-based host machines:
| Cloud Service | Instance Type | Recommendation |
|---|---|---|
| AWS | General Purpose (t2 & t3 types) Compute Optimized (c4 & c5) | Minimum 4vCPU machine |
| Azure | General Purpose (D2s & D4s types) | Minimum 4vCPU machine |
| Google Cloud | e2-standard-4 | Minimum 4vCPU machine |
Other instances that meet the minimum requirements are also supported. Using a machine that does not meet the recommendations described above could result in higher CPU utilization by the agent.
On-premises Host Machine Recommendations
The following are the minimum hardware requirments for installing the Larework Windows agent on on-premises host machines:
- 2 core CPU
- 4 GB RAM