Deploying Huntress on Endpoints with Deep Freeze/VDI/Sysprep

This article applies to the use of the following: 

  • VMware Virtual Desktop Infrastructure (VDI)
  • Microsoft Windows Virtual Desktop (WVD)
  • Citrix VDI (formerly XenDesktop)
  • The use of standard install images (Sysprep/WIM, Microsoft Deployment Toolkit, etc.)
  • Faronics Deep Freeze

If any of the above are used within your environment, some deployment preparation may be required to ensure you do not end up with duplicate agents. The Huntress Agent registers with the Huntress cloud when the agent first comes online. If a host is reverted to a state prior to the install of the Huntress Agent, and the agent is then installed again, this will create a duplicate host.

In most cases, the Huntress agent will work properly in these environments. However, because of nuances in various environments, we ask that you open a ticket with us either by clicking here: Contact Us or by email at support@huntress.io to get technical details and guidance. 

Specifically with respect to virtual environments, we use the hardware MAC address and hostname to help uniquely identify a host. When a VM is recomposed, if these remain the same, when the agent re-registers, we will re-use the existing agent ID (preventing duplicate hosts). If the MAC address and/or hostname changes each time, you will see duplicates in your Huntress Dashboard as each host re-registers.. 

Testing

We recommend testing a few clones before mass deploying. Reboot and revert the clones a several times to verify that no new duplicate agents are created.

If you use see duplicate agents, we ask that you contact support at support@huntress.io so we can help to identify the cause and resolve the issue.

Need help? Click here to Contact Us Click here to Contact Us