An Alias Email to create as the Global Admin account.
- We use this as your “Break Glass” account into Evo. Once we sync over your AD info, you will use your normal email address to manage Evo.
- NOTE: If using Spam/Email Protection Software, make sure to whitelist Evo's domain <evosecurity.com> to prevent important communications from being blocked.
Mobile Device or Hardware Token to receive push notification
- Download the EVO App from the Apple Store or Google Play Store
- QR codes can be sent out or generated to enable once your portal is setup.
Windows:
- Windows Server 2012 R2 or higher.
- Windows Desktop 10 or higher.
- Intel 64-bit Chipset architecture.
- Not supported: ARM Chipsets (ex. Some Surface Pros have ARM chipsets)
Mac:
- macOS 14.x - Sonoma
- macOS 13.x - Ventura
- macOS 12.x - Monterey
- macOS 11.x - Big Sur
- macOS 10.15.x - Catalina
- macOS 10.14.x - Mojave
- macOS 10.13.x - High Sierra
- macOS 10.12.x - Sierra
- Not supported: beta macOS versions (ex. beta Sequoia)
Access to a Windows test machine
- Windows 10 or above is required.
- Access to Windows Login Prompt (UAC) on the machine.
- We will install the Evo Credential Provider (ECP) to this machine. Once installed you will be able to test MFA, SSO, and Elevated Access
- Ability to copy and paste text from your computer to this test machine
- NOTE: For Azure or Domain joined environments, the test machine MUST be joined to the domain.
Access to your Domain Controller (for On-Prem Only)
- We will install the Evo LDAP agent onto your primary DC
- Server must be 2012 R2 or Higher
- .NET Framework 4.7.2 (or higher) has been installed on the server.
- All users have been created under the Active Directory.
- All users have a unique email address, specific to their user.
- All users are a member of a group to be synced.
Firewall and Network Requirements (for On-Prem Only)
When installing an Evo LDAP Agent or the Evo Credential Provider, the following considerations should be made. (Evo Agents only require outbound connectivity via the listed ports)
Allowlisted URLs for Firewall
URL | Port |
ifconfig.me |
443 (LDAP and Credential Provider) |
api.evosecurity.com |
443 (LDAP and Credential Provider) |
sync-api.evosecurity.com |
443 (LDAP Only) |
a3k8pqjo2tpsr9-ats.iot.us-east-1.amazonaws.com |
8883 (LDAP Only) |
Allowlisted Domain for Network and Email
URL | Description |
*.evosecurity.com |
Secured with TLS 1.2/1.3 (HTTPS); if you are on a network with SSL inspection or decryption, you might need to bypass decryption for the evosecurity.com CNAME of your instance. |
Allowlisted folders for Endpoint Protection
C:\ProgramData\EvoSecurity |
C:\Program Files\EvoSecurity |