Panda AdminSecure Communications Agent
A short presentation on the Panda AdminSecure Communications Agent. Steps through its functioning, operation and configuration.
What does it do?
Lets the client and the server talk to each other in order to, for example, perform an update of the virus signature file.
It also sends inventory data, quarantine info and statistics to the server. Depending on the setup it may also send data to other monitoring systems.
What is it?
The communications agent is part of Panda Security's centrally managed anti-malware solution AdminSecure. It handles the communication to and from clients and is responsible for everything from configuration changes to updates of signatures.
After first installing AdminSecure you'll only have one agent, the one on the server itself.
The agent software installed on the AdminSecure server does not differ at all from what's installed on the clients later on; it's only configured differently.
How does it communicate?
The communications agent communicates to the server using ports...
19226/tcp
19226/udp
80/tcp
...when installed and used in its default configuration, that is. When you enable further options such as SNMP or Syslog, those protocols and their associated ports need to be opened in any blocking firewalls as well.
Another thing to keep in mind is that the communication is client->server primarily, but you can still push jobs to the client as in a server->client model.
This means that all clients will update their information and signatures by requesting them from the server, but you can still push a configuration change or a new job to the client in real time from the management console.
How do I install it on my clients?
There are several ways to distribute the agent to computers in your network.
The ones built into the AdminSecure Console (the management tool) are...
Direct distribution
This is when you push the agent to the clients using Microsoft's RPC services. This might require a reconfiguration of your clients' firewalls if they're enabled and set to block this kind of traffic.
When distributing in smaller networks (and to servers) this is often the best option.
Loginscript integration
This function gives you the option of integrating the agent distribution into your legacy (NT4 domain) loginscripts. Might also be useful in Novell networks. This option is not used that often, and when it's used it's often used as a workaround to general network problems. IMHO, you should contact us to see if we can't find a better solution for you.
Standalone installers
Choosing this option enables you to create an agent installation package. This allows you to do manual installations on your clients, or use the generated package in your software distribution solution (SMS/System Center/Zenworks).
This installer is also available in .MSI format, but you'll have to download that one from your download zone.
What will be installed on the clients?
The agent installs (by default) in %programfiles%\Panda Software\Panda Administrator 3\
And a couple of new services will appear...
Panda AdminSecure Communications Agent
Panda AdminSecure Scheduler
Panda Antivirus Report Service
Panda AdminSecure Process Protection Service
Remember that this is just a communications component, and as such its footprint on the system is minimal. We do install one driver at this point and that is the Panda FileShield driver (ShldDrv), but all it does is make sure no one messes around with files that are critical to agent operation.
Memory consumption, although dynamic and hard to measure, is not very high. Remember, this is just a communications component and it doesn't do any kind of scanning or other resource intensive work.
The agent configuration file
The agent's configuration can be found in the file PagCfg.dat which resides in the Pav_Agent folder.
This file controls everything from the ports used for communication, encryption keys for sensitive information and which server the agent is to communicate with.
You can edit this file yourself (even though you shouldn't) but before saving, you must stop the "Panda AdminSecure Communications Agent" service. Start the agent again to make the changes you've made go live.
Interesting agent config variables
[UseIP]
0
If your name resolution systems are not working correctly, or if you are using a vanilla Novell network without dynamic DNS registration, this variable will automatically switch over to "1". That will prevent the agent from trying to look up the server's name, and just use its IP directly instead.
[AgentID]
{ad0670b6-4687-441c-9877-ce3a16699ece}
When a computer is integrated, it always gets a unique AgentID. If this variable is set in the config file, you can be sure that the computer is integrated and that it is visible in the management console.
[PortIn]
19226
The port that the agent accepts incoming connections on.
This should always be 19226 but it might change to one of the ports in [AlternatePorts] if something prevented the agent from binding successfully.
[ServersRoutes]
/PCM-TEST3:19226/PCM-TSTSRV02:19226/
/PCM-TEST3:19226/PCMTSTSRV02:19226/
[ServersNames]
PCM-TSTSRV02
PCM-TSTSRV02
(...)
[ServersIP]
10.0.4.191
10.0.4.191
All variables above control what server the agent is to use. This might be good to know if you are in the planning/testing phase when doing a migration to another AdminSecure server. These variables can also be modified on clients from the management console (when moving agents to a secondary repository for example).
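As an added example (not part of the original presentation and not Panda's code), the Python sketch below parses a configuration laid out like the variables above and flags the conditions this section describes: a missing AgentID, UseIP switched to 1, and a PortIn that is no longer 19226. It assumes the file is plain text with each [Name] header followed by its value lines, as shown on the slides; the sample text, the function names and the AlternatePorts values are constructed.

```python
import re

DEFAULT_PORT = "19226"  # default agent port stated on the page

# Constructed sample in the "[Name]" + value-lines layout shown above.
SAMPLE = """\
[UseIP]
1
[AgentID]
{ad0670b6-4687-441c-9877-ce3a16699ece}
[PortIn]
19300
[AlternatePorts]
19227
19228
[ServersNames]
PCM-TSTSRV02
[ServersIP]
10.0.4.191
"""

def parse_pagcfg(text):
    """Map each [Name] header to the list of value lines that follow it."""
    cfg, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        header = re.fullmatch(r"\[([^\[\]]+)\]", line)
        if header:
            current = header.group(1)
            cfg.setdefault(current, [])
        elif line and current is not None:
            cfg[current].append(line)
    return cfg

def review(cfg):
    """Return findings worth following up before trusting this agent."""
    first = lambda key: (cfg.get(key) or [None])[0]
    findings = []
    if first("AgentID") is None:
        findings.append("no AgentID: computer is not integrated")
    if first("UseIP") == "1":
        findings.append("UseIP=1: agent is bypassing name resolution, check DNS")
    port = first("PortIn")
    if port != DEFAULT_PORT:
        known = port in cfg.get("AlternatePorts", [])
        findings.append(f"PortIn={port}: " + ("fell back to an alternate port" if known
                        else "not the default or a listed alternate, check for edits"))
    if not (first("ServersNames") or first("ServersIP")):
        findings.append("no server configured")
    return findings

if __name__ == "__main__":
    for finding in review(parse_pagcfg(SAMPLE)):
        print(finding)
```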
A short introduction
This was a short and simple introduction to the Panda AdminSecure Communications agent. If you're missing something, please comment and tell me what you need and I'll add information about that as soon as possible.
This is a living document without versioning, so check back in a month or so and I might have added more info to it ;)
For more Panda Security information, see:
Panda Sweden's blog (Swedish) - http://blogg.pandasecurity.se
Panda Research blog (English) - http://research.pandasecurity.com
Panda Labs blog (English) - http://pandalabs.pandasecurity.com
Cheers,
Daniel Nystrom
daniel.nystrom@se.pandasecurity.com
Technical Support Manager, Panda Security Sweden
Thanks for watching!