Overview:

The CYRISMA CyBroker Sensor is used to scan targets within a local network (LAN) for Data Sensitivity, Vulnerability/Baseline scans, and Agentless scans on various systems (Windows, MAC, Linux). The sensor communicates with the CYRISMA Command Center, which receives scan results.

Prerequisites:

Sensor Installation Requirements:

• Must be installed on Windows Server (2012 R2, 2016, 2019) or Windows 10/11 Workstations.
• Ensure communication with cyrisma.com domain (configure web filters/firewalls to allow access).
• Anti-virus should exempt C:\Cyrisma_Agent, and Anti-Spam should allow mail from cyrisma.com.
• .NET Framework 4.7.2 is required; install this prior to setup if not already present.
• Create a local network admin account with necessary rights to perform scans on network machines.

Sensor Installation Steps:

• Log into the Cyrisma Command Center, generate the Windows Installation Key, and retrieve the agent installer.
• Download and run the installer on the target machine using the generated key and instance URL.
• Optionally, deploy via command line using the /verysilent and /role=sensor options for silent install or network scanning mode.
• After installation, the agent contacts the Command Center for provisioning.
• Optional Feature - Auto Provisioning:
  • By default, after installation, the agent must be provisioned manually in the Command Center.
  • To automate provisioning during installation, use the /autoprovision=yes switch in the command line.
  • Example Command:=
  • Cyrisma_Setup /verysilent /key=nnnn-nnnn-nnnn /url=https://ccNNNNNN.cyrisma.com /autoprovision=yes
  • The autoprovision switch must be placed after the key and URL switches with no spaces around "=" signs.
  • This feature is useful for large-scale deployments but should be used carefully to prevent accidental agent installations.

Agent Provisioning:

• Once installed, log into the Command Center, select the agent, and provide network credentials for sensor-based scanning.
• Adjust security policies to exclude or allow CYRISMA components (C:\Cyrisma_Agent) in Endpoint Protection.

Endpoint Protection Compatibility:

• Local Scanning: The agent runs as “System” with local machine access rights.
• Network Scanning: The agent uses a service account with specified credentials to scan other network machines.

If Endpoint Protection detects or blocks the agent, modify security settings to allow CYRISMA. This can include adding exclusions for specific agent executables such as:

• DataSpotliteAgent.exe
• psexec.exe
• cytcp.exe
• fileconv.exe
• And others as listed in the document.

Conclusion:

Ensure the agent is properly installed and provisioned before starting network scans. Endpoint security systems may need configuration changes to avoid interference with CYRISMA’s operations.

Installation Guide

For step-by-step instructions and important notes on integrating CYRISMA with your environment, please review the official CYRISMA Agent Installation Guide here: