ACSIA Help Center

How To Be Prepared For a PoC

Permanently deleted user

1. Overview

In this article, we'll discuss everything you need to be well-prepared for an ACSIA PoC installation.

2. Installation

2.1 Before the PoC installation

2.1.1 Creating an environment

In this section, we'll list some guidelines to help you prepare your environment so that everything will be correctly set up for the PoC installation.


2.1.2 Setting up the environment

We advise you to create a test environment that is separate from your production environment.


2.1.3 Verify the prerequisites

As with any software, you need to verify that your environment meets the prerequisites. Here are the ones for ACSIA:

  • Hardware prerequisites. In this article, in paragraph 3.1.1, we discuss the minimum hardware requirements that your environment must meet.
  • Domains and reachability. It's important that your environment has full internet access. Moreover, it must be able to reach some specific domains. In this article, in paragraph 3.1.1, you will find a list of domains. Please verify that your environment can reach all the domains in the table and all the domains in the note following the table.
  • Network configuration. You need to set up your network configuration for ACSIA. Please verify the prerequisites in this article, in paragraphs 3.1.2 and 3.1.3.


2.1.4 Update and upgrade instance

Your instance must be updated and upgraded before installing ACSIA.
Please make sure this is done before the PoC meeting.

If you request SSL certificates from a certificate authority (CA), it may take several weeks before you actually get them. For this reason, we advise you to request them during the ACSIA trial period and before actually purchasing the full product, because we need to install the SSL certificates first, and then install the client (otherwise, we'll need to uninstall the client, install the certificates, and install the client again).

2.2 During the PoC installation

2.2.1 Referring to the documentation

Please note that the installation follows the main guide. You'll have to refer to it here.

Please remember that once you've obtained the credentials, and before you can actually use ACSIA, you have to perform the process described in paragraph 3.2 of the main guide, linked above.

2.2.2 Deleting the standard user and creating a new one

Please consider that the abovementioned paragraph 3.2 of the main guide is very important.
Here we want to underline that at the end of it, below the "gif" image, we describe a procedure that allows you to delete the standard user and create a new one.
You have to perform this procedure.

3. Adding a client on a device

1) If you wish to try the trial version of Bitdefender, it must be installed before installing the agent.
2) Before installing the agent on the device, make sure the CPU is not under stress.


If your machine runs Linux, then add a Linux client.


If your machine runs Windows, then add a Windows client.

4. ACSIA dashboard presentation; possible setups and configurations to improve your experience with ACSIA

During the PoC call, we'll present you with the dashboard with all its functionalities.


We may also ask you to modify some setups and configurations to improve your experience with ACSIA.

5. Test detection

With our help and suggestions, you'll need to run the following commands to test your infrastructure and see the benefits of ACSIA. Here is the list of commands I used and some information about them:

1) This command will perform a port scan on the first 1000 ports. ACSIA will detect it, but it will not trigger an automatic ban. The detection is done only when more than 50 ports are scanned. The automatic ban will be triggered if many port scans are running in 5 minutes; one scan is not enough.

    nmap ip_address -Pn -vvv

2) This command will scan all the ports of a machine in an aggressive way, also scanning the OS version. This command will trigger an auto-ban, so you will not find the notification in the live notifications but only in the banned IP list, if the Public IP Ban is enabled.

    nmap -A -p- -T4 ip_address -Pn -vvv

3) This command will perform an RDP brute force, and it will trigger an alert or an auto-ban depending on the aggressiveness (how many passwords are tried in 5 minutes). For this scenario, they will need to provide us with the log files and we could try to build a parser for them.

    hydra -l username -P /usr/share/wordlists/dirb/small.txt rdp://ip_address

4) This command will perform a directory scanning attack, and it will generate an alert or an auto-ban depending on the aggressiveness (how many folders are checked in 5 minutes).

    dirb http://ip_address_or_url /usr/share/wordlists/dirb/small.txt
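
To see why the single scan in item 1 produces a detection but no ban, here is an added sketch of the threshold logic described above; it is not ACSIA's code. The record format `(timestamp, source_ip, destination_port)`, the `SCAN_GAP` burst splitting, the `BAN_SCANS` value (the article only says "many") and the sample data are all assumptions.

```python
from collections import defaultdict

PORT_THRESHOLD = 50    # from the article: detection only when more than 50 ports are scanned
WINDOW_SECONDS = 300   # from the article: bans are evaluated over 5 minutes
BAN_SCANS = 3          # assumption: the article only says "many" scans
SCAN_GAP = 10          # assumption: more than 10 s of silence ends one scan

def split_scans(events):
    """Group (ts, port) tuples into bursts separated by more than SCAN_GAP seconds."""
    scans, current = [], []
    for ts, port in sorted(events):
        if current and ts - current[-1][0] > SCAN_GAP:
            scans.append(current)
            current = []
        current.append((ts, port))
    if current:
        scans.append(current)
    return scans

def classify(records):
    """records: iterable of (ts, src_ip, dst_port). Returns {src_ip: 'none'|'alert'|'ban'}."""
    by_src = defaultdict(list)
    for ts, src, port in records:
        by_src[src].append((ts, port))
    verdicts = {}
    for src, events in by_src.items():
        # End time of every burst that touched more than PORT_THRESHOLD distinct ports.
        detections = [scan[-1][0] for scan in split_scans(events)
                      if len({p for _, p in scan}) > PORT_THRESHOLD]
        verdict = "alert" if detections else "none"
        # Ban when BAN_SCANS detections fall within one WINDOW_SECONDS span.
        for i in range(len(detections) - BAN_SCANS + 1):
            if detections[i + BAN_SCANS - 1] - detections[i] <= WINDOW_SECONDS:
                verdict = "ban"
        verdicts[src] = verdict
    return verdicts

def make_scan(start, src, n_ports):
    """Constructed sample data: one burst probing ports 1..n_ports at 100 probes/second."""
    return [(start + i // 100, src, 1 + i) for i in range(n_ports)]

# Constructed records using documentation-range addresses.
SAMPLE = (make_scan(0, "198.51.100.7", 1000)      # one 1000-port scan
          + make_scan(0, "198.51.100.8", 40)      # below the 50-port threshold
          + make_scan(0, "198.51.100.9", 1000)    # three scans inside 5 minutes
          + make_scan(60, "198.51.100.9", 1000)
          + make_scan(120, "198.51.100.9", 1000))

if __name__ == "__main__":
    print(classify(SAMPLE))
```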