It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda XDR
Overview Documentation Materials

Deploying the XDR Collector on multiple Windows servers

  • Last updated on

This guide provides step-by-step instructions for deploying the XDR Collector to multiple Windows servers using PowerShell automation. The deployment process includes downloading the agent, copying it to remote servers, extracting it, and installing it in silent mode.

Prerequisites

Before running the script, ensure the following:

  • You have administrator privileges on all target servers.

  • You have valid credentials with remote access permissions.

  • PowerShell Remoting is enabled on all servers.
    If PowerShell Remoting is not enabled, run Enable-PSRemoting -Force.

  • Internet access is available on the deployment machine to download the XDR Agent.

  • Firewall rules allow remote execution. If they don’t, update them to allow PowerShell Remoting.

What the deployment script does

The script automates the following tasks:

  1. Creates the necessary directory structure.

  2. Downloads the Elastic Agent package if not already present.

  3. Transfers the package to remote servers from the LAN.

  4. Extracts the package on each server.

  5. Installs the Elastic Agent in silent mode.

  6. Verifies that the agent service is running.

Deploying the script

To deploy the script, follow these procedures:

  • To create a list of target servers

  • To update the script with the enrollment key

  • To run the script

To create a list of target servers

The script uses a text file named servers.txt, located at the root of the C: drive on the server you deploy the script from. Because this text file consists of the target servers that you want the script to deploy to, you must create this text file yourself.

  1. Start a new text file.

  2. Type the IP or full name of each Windows server you want to deploy the Collector to, each on a separate line.

    • For example:
      server1.lab
      server3.lab
      192.168.3.4

  3. Save the list as C:\servers.txt.

To update the script with the enrollment key

You must update the script with the enrollment key for your XDR account. This key is unique to your account and can’t be used with any other XDR account.

  1. In Barracuda XDR Dashboard, click Infrastructure Collectors.

  2. In the Policies table, next to the on-prem policy, click Action Install.

  3. Click Windows.

    WindowsInstallXDRCollector1.png

  4. Copy the command at the bottom of the dialog box.

    WindowsInstallXDRCollector2.png

  5. On a Windows server that has Internet access, download the script.

  6. Open the script.

  7. In the script, replace the enrollment token in the script with the key you in step 4.

  8. Save the script

To run the script

  1. Start PowerShell.

  2. Run the script.

BEST PRACTICE

Disable PSRemoting after the deployment is done as best practice cybersecurity Hygiene.