At this stage of deployment of the tenant protection infrastructure, you need to create a Light Agent policy in one of the following folders:
In the Light Agent policy, configure the Light Agent operation settings as follows:
To restrict Light Agents' access to SVMs, you can also block network connections from the tenant subnet to the subnet with the SVM on TCP ports 80, 9876, 9877, 11111, and 11112.
The default values can be used for other settings for connecting Light Agents to SVMs.
It is recommended to "lock" all the settings for connecting Light Agents to SVMs in order to prevent these settings from being changed in child policies.
You can use the "lock" attribute to allow or block changing of settings or groups of settings in task settings or in nested policies (for nested administration groups and secondary Administration Servers). Tenant administrators cannot configure "locked" settings. If the "locks" are open, the tenant administrator can independently configure the operation of Light Agent components.
It is not recommended to configure the general operating settings of Light Agents in the policies located in folders and administration groups to which the tenant administrator has access, that is, in folders and administration groups under the Administration Server <Tenant name> node.
Page top