Home
Arc
Preparation
Information on how to import Arc packages, and install a license.
Dependencies
To enable all the functions of Arc, you need to have certain items installed on the host machine.

Arc
- Introduction
  An overview of Arc.
- Requirements
  The machine and network requirements necessary to use Arc.
- Preparation
  Information on how to import Arc packages, and install a license.
  - Arc licenses
    Before you can deploy and use Arc, you will need to buy a license. How Arc licenses are installed will depend on the existing installation that you have. Arc and Arc Embedded require separate licenses.
  - Install a license
    Before you can use a product, you must install the applicable license.
  - Import Arc through the update service
    Before you can deploy Arc, you must import it first. There a two methods you can use to do this, one method is through the Nozomi Networks Update Service. The alternative method is through a manual contents upload.
  - Import Arc through a manual contents upload
    Before you can deploy Arc, you must import it first. There a two methods you can use to do this, one method is through a manual contents upload. The alternative method is through the Nozomi Networks Update Service.
  - Dependencies
    To enable all the functions of Arc, you need to have certain items installed on the host machine.
    - Enable security log events
      Before you can use Sigma rules related to security log events, you will need to enable them.
    - Enable printservice log events
      Before you can use Sigma rules related to printservice log events, you will need to enable them.
- Configuration
  Details on how to configure Arc.
- Deployment
  Information on how to deploy Arc. This includes details for manual and automatic deployments, and deployment through a mobile device management (MDM) system.
- Execution
  Information on the different modes that you can use with Arc.
- Troubleshooting
  Troubleshooting procedures to help you solve problems that might occur when you use Arc.
- Print format documentation
  A list of all the print-format documentation that is available for Arc.

Dependencies

To enable all the functions of Arc, you need to have certain items installed on the host machine.

Table 1. Dependencies
Feature	Windows	Linux	macOS
Sigma rules	Sysmon	Not supported	Not supported
	PowerShell-script block-logging
	PowerShell Core-script block-logging
USB detections	USBPcap	Not supported	Not supported
Traffic monitoring	WinPcap or Npcap	Not needed	libpcap
Asset details	Not needed	dmidecode	Not needed

Users have to install dependencies. To install the dependencies manually, download them and install them individually. Alternatively, you can use a mobile device management (MDM) tool to install them across the managed network.

Windows

On Windows, you can use the command install_dependencies to automatically install these dependencies on the target machine:

PowerShell-script block-logging
PowerShell Core-script block-logging
USBPcap
Npcap

For Sysmon, the installation is semi-automatic. First, you must upload the latest Sysmon bundle to the applicable Guardian page. The bundle is then used for automatic installation during subsequent deployments.

If Arc is connected to Vantage, Sysmon is automatically fetched from the original website, and no other actions are required.

Note: After you have installed USBPcap, you must reboot the host machine to make the dependency active.

Note: After a dependency is installed, you must restart Arc to make it active. When Guardian automatically installs dependencies during deployment, no user actions are necessary.