Chapter 2 : EVE Endpoint

This chapter provides comprehensive details on deploying and managing the EVE agemt across endpoints. This chapter outlines the hardware and operating system requirements necessary for the software to function optimally. It specifies supported versions for both Windows and Linux endpoints and elaborates on the prerequisites for the custom threat module.

The chapter delves into the software feature support exceptions and lists the requirements for installing the EVE agent, including considerations for both physical and virtual machines. It also addresses the necessary exclusions and third-party communications, detailing the privileges needed and how endpoints communicate with the platform.

Frameworks are discussed, setting the stage for obtaining the EVE software, which is crucial for endpoint protection. The chapter explains the agent's controls, notifications, and the isolation process, providing a step-by-step guide on software installation for both Windows and Linux systems. This includes validation procedures to ensure the software is correctly installed.

Backup strategies for virtual machines using a golden image are outlined, followed by instructions on upgrading and uninstalling the EVE software for both operating systems. The troubleshooting section covers how to obtain logs from the cloud instance and locally on Windows and Linux systems, along with obtaining logs of the isolation process, ensuring that users have the necessary information to manage the software effectively.