Step 2: Prepare
Once you have access into the Stairwell tenant, it's important to begin to prepare for the pilot deployment of Stairwell forwarders.
- Review Assets and Environment
Before deploying Stairwell to your first asset, it is a good idea to review your assets and environment to ensure a smooth start. Some things to consider are:
- The number of assets you intend to deploy to by OS version and build number
- Whether you are using any proxy or firewalls, have deep packet inspection enabled, MITM TLS interception, or have any other network concerns
- If there are any specific resource limitations Stairwell should be aware of
- If there are any other security, group policy, or agents you want to make sure that we do not interfere with
- If there are any specific systems where source code is being developed that should be excluded from collection
We recommend you target a machine of each type to get a good baseline of the most common files across those systems. This will make subsequent installations and backscans much quicker since we only upload a hash once per environment.
Supported Operating Systems
- Windows: Server 2012 R2, Server 2016, Server 2019, Server 2022, Windows 10, Windows 11
- x64 Architecture Only
- Mac: MacOS 11 Big Sur, 12 Monterey, 13 Ventura, 14 Sonoma, 15 Sequoia
- x64 Intel Architecture and Apple ARM Architecture
- Linux: RHEL 6 Santiago, 7 Maipo, 8 Ootpa, 9 Plow, Ubuntu 20.04 Focal Fossa, 22.04 Jammy Jellyfish, Debian
- Swell: Ask your Customer Success Manager
- Review Connectivity Requirements
The Stairwell forwarder may require proxy and/or firewall configuration changes to ensure it can register, check in, update, and upload properly. Please ensure the items listed on our connectivity requirements page are all allowed and if there is SSL inspection, that Stairwell traffic is excluded from that as it will interfere with security communications and interrupt operability.
- Review Asset Policy
The asset policy is what defines what a forwarder will collect, so it's important to review this and ensure all desired file types are included, any exclusions for things like source code or application deployment directories are excluded, and to review rate limiting settings.
- Review Environments
The environment is where assets and objects will be stored. You can have multiple environments which can be used to separate out assets, objects, etc. Typically we'll see multiple environments setup if there are many subsidiaries involved or customers managed for MSSPs. Environments have their own groups, policies, etc.
Updated about 23 hours ago