Chapter 1. Overview of the Agent

The HP Sygate Security Agent (the Agent) is security software that is installed on embedded devices, such as ATMs and thin clients, that run the Windows XP Embedded operating system. Once installed, the Agent provides a customizable firewall that protects the device from intrusion and misuse, whether malicious or unintentional. It detects and identifies known Trojans, port scans, and other common attacks, and in response, selectively allows or blocks traffic, or various networking services, applications, ports, and components.

The Agent uses a customizable security policy, which includes security rules and security settings, to protect an individual device from network traffic that can cause harm. The Agent uses security rules to determine whether your device either blocks or allows an incoming or outgoing application or service from gaining access through your network connection. The Agent uses security settings to detect and identify common attacks, send e-mail messages after an attack, display customizable pop-up messages, and accomplish other related security tasks.

Modifying the Security Policy

The security policy that the Agent uses to protect the embedded device is stored in the policy file. You can modify the policy file, adding new rules and changing security settings.

If you are a system administrator, you can modify the security policy on your system and then deploy the settings in the policy file to each device where the Agent immediately applies them. To modify the security policy, you use the Policy Editor.

Using the Policy Editor

The Policy Editor is a separate tool from the Agent that you install on a separate system.

To install the Policy Editor:

1.From the Sygate FTP site, download the Policy Editor installer package, PolicyEditorInstaller.exe, to the image-building system.

2.Follow the instructions when prompted for your agreement to the license agreement, location of the software on your hard drive, and so on.

1