Help Center
News
Help Center
News
Popular
Architecture and High-level Information
Scans
Agents
How to Use Dashboards
How to Use Data Asset Inventory
How to Use Tags
How to Manage Business Processes
How to Work with Data Assets and Targets
What is an Asset?What is a Target?How to Get Started with Data Asset InventoryData Assets and Targets - OverviewData Assets and Targets - Data AssetsHow to Use the SDV3™ DashboardExample Data Asset Inventory SetupHow to Create New Data AssetsHow to View Details About Data AssetsHow to Search for a Data AssetHow to View Target Details and Search for a TargetHow to Add a Cloud TargetHow to Add a Collaboration Tools TargetHow to Add a Database TargetHow to Add Jira Cloud as a Target using the Spirion AnyScan (CData) ConnectorHow to Add an E-Mail TargetHow to Create an Exchange Online TargetHow to Add a Remote Machine TargetHow to Add a Website TargetHow to Edit a TargetHow to Remove a TargetHow to Bulk Import TargetsHow to Bulk Assign Tags to TargetsHow to Manage a Target PermissionHow to Remove a Target PermissionWhat is Remediation?How do I Segment Targets Effectively in Spirion Sensitive Data Platform?How do I Assign Agents to Specific Target Segments?Can I Automate Agent Assignment based on Target Type?
How to Install\Uninstall and Set Up Spirion Sensitive Data Platform
How to Use Logs
How to Manage Users and Roles
Reports
Settings and Resources
Additional Resources
Release Notes
Reporting API
Customer Support Articles

How do I Assign Agents to Specific Target Segments?

Assigning Agents to specific Target segments is a core part of the Scan Creation process in the Spirion Console. This ensures that the right "workers" are performing the discovery and search tasks for the right data sources.

How to Assign Agents

  1. Navigate to Scans: In the Spirion Console, go to the Scans section and select Create Scan (or edit an existing one).
  2. Define the Target: During the scan setup, you select the Target Segment you want to scan (for example, a specific file share, database, or M365 site collection).
  3. Select Agents: In the Agents step of the scan wizard, you will see a list of all registered and healthy agents. You can assign Agents in two ways:
    • Individual Assignment: Manually select one or more specific Agents from the list.
    • Tag-Based Assignment: Select an Agent Tag (e.g., London_Agents or High_Performance_Workers). Any agent with that tag will automatically be eligible to participate in the scan.
  5. Assign Roles (Optional): For distributed non-local scans, you can designate which agent acts as the Discovery Agent (the "planner") and which agents act as Search Agents (the "workers"). If you assign only one agent, it will perform both roles automatically.

Best Practices for Agent Assignment

1. Use Agent Tags for Scalability

Instead of assigning Agents by name, use Agent Tags.

  • Why it helps: If you add a new Agent to your environment and give it the Finance_Scan_Group tag, it automatically participates in all scans assigned to that tag. You don't have to manually update every scan definition.

2. Assign Agents Based on Network Proximity

Always assign Agents that are "network-close" to the Target they are scanning.

  • The Rule: If you are scanning a file share in your AWS US-East-1 region, assign Agents that are also running in AWS US-East-1.
  • Why it matters: This minimizes latency and prevents massive amounts of data from being pulled across slow or expensive WAN links during the content inspection phase.

3. Match Agent Permissions to the Target

Ensure the service account running the Agent has the necessary permissions to access the Target segment.

  • Operational Gotcha: If you assign a "Workstation Agent" to scan a "SQL Database," the scan fails if that Agent doesn't have the correct database drivers or network access to the DB server.

4. Balance the Workload (Fan-Out)

For large, non-local targets (like a 10TB file share), assign multiple Search Agents.

  • How it works: One Agent performs Discovery (listing the files), and multiple Agents perform the Search (inspecting the content).
  • Why it helps: This "fan-out" model significantly increases throughput and reduces the total time required to complete the scan.

5. Local Scan Exception

Remember that for Local Scans (scanning the Agent's own local hard drive), assigning multiple Agents does not split the work. Instead, each assigned Agent runs the same scan on its own local machine. Only assign multiple Agents to a local scan if you want to scan all of those endpoints simultaneously.

Summary Checklist

  • Proximity: Is the Agent close to the data?
  • Permissions: Does the Agent have access to the target?
  • Tags: Am I using Tags to make future management easier?
  • Roles: Have I assigned enough Search Agents for the size of the Target?

By following these assignment rules, you ensure that your Spirion Agent worker fleet is operating at peak efficiency and that your scans are both fast and reliable.

Was this article helpful?

Powered by Product Fruits