That is a great question. I’ve been gathering some tips/best practices. Take a look through these resources, and let me know if you have additional questions. I would love your feedback so I can improve the list. (Apologies for the formatting).
Agent Functionality and Communications
- Environmental Considerations
- EPP Application Control - Globally Trust-listing Automox
https://support.automox.com/help/globally-trust-listing-automox-through-epp-application-control
Tip: To ensure uninterrupted functionality, please consider if EPP\antivirus rules are required in your environment.
-
Customize Script Execution Location - Useful if you need to control where processes run on your endpoints. Change Automox Script Execution Location
-
Update Sources - Each managed device will need access to all update sources when scans and when policies run. Notable updates sources are:
* WSUS (if used in your environment)
Agent Firewall Whitelisting Rules
Tip: All managed systems will require access (and potential defined routing) to api.automox.com* port 443
Tip: IP addresses for the API change often and dynamically. If an IP list is required by your organization, the following article provides a suggestion on how to identify the current IP list. Please ensure to keep firewall exceptions up to date:
Tip: Required Applications or Worklets with uploaded content will be stored in Amazon s3. A rule should be configured to allow access to automox-policy-files.s3.us-west-2.amazonaws.com*
Using the Automox Agent With a Proxy Server
Tip: Starting with agent version 29, Windows will automatically identify proxy settings if they are set per the current user or set for the system.
Tip: devices behind a proxy may need a route to be configured (e.g. pac file or proxy application permissions). Add routing if needed.