Exclusions for installing the Modern Agent

When the Modern Agent installs, certain executable files are deployed on the device. These files perform core agent functions such as monitoring, patching, and data collection.

To ensure smooth installation and operation, these executables should not be blocked by third-party antivirus or endpoint protection software. You may need to configure exclusions for these in your security tools.

Excluding these files prevents false positives and ensures the agent can perform updates, collect logs, and execute monitoring tasks.

The component folders listed below are versioned, and version numbers may change as updates are released. For example, if we deploy a new component, we will increment the version number (major, minor, or revision) as appropriate. This means the paths shown here may not always match the exact version installed on your devices. To ensure proper exclusions:
  • Consider excluding the parent folder (e.g., components/software-scanner/) rather than a specific versioned subfolder.
  • Check the version installed on your device and update your exclusion list accordingly.
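To check which versions are actually installed, the following added example (not N-able's code) expands the `<version>` placeholder in a few of this page's Linux paths against an install tree. It also lists files inside the tree that are not on the exclusion list, which is worth reviewing if you exclude a parent folder. The version numbers and `helper.sh` in the sample tree are constructed; on a real device, pass the install root (for example `/opt/msp-agent`) to `resolve()`.

```python
import re
import tempfile
from pathlib import Path

# Templates copied from the Linux list on this page; <version> is the page's placeholder.
TEMPLATES = [
    "components/log-collector/<version>/log-collector",
    "components/generic-asset-interrogator/<version>/osquery/linux/<version>/osqueryi",
    "components/msp-ufa-patch-scan/<version>/msp-ufa-patch-scan",
    "msp-agent-core",
]

def template_to_regex(template):
    """Turn a path template into a regex where <version> matches one path segment."""
    parts = [re.escape(p) for p in template.split("<version>")]
    return re.compile("^" + "[^/]+".join(parts) + "$")

def resolve(root, templates=TEMPLATES):
    """Return (resolved, missing, unlisted) for the install tree under root."""
    root = Path(root)
    files = sorted(p.relative_to(root).as_posix() for p in root.rglob("*") if p.is_file())
    resolved, missing, covered = {}, [], set()
    for t in templates:
        hits = [f for f in files if template_to_regex(t).match(f)]
        if hits:
            resolved[t] = hits          # concrete paths for the exclusion list
            covered.update(hits)
        else:
            missing.append(t)           # component not installed on this device
    unlisted = [f for f in files if f not in covered]  # in the tree, not on the list
    return resolved, missing, unlisted

def build_sample_tree(root):
    """Constructed sample install tree (not real agent data) for an offline run."""
    for rel in [
        "msp-agent-core",
        "components/log-collector/1.4.2/log-collector",
        "components/log-collector/1.5.0/log-collector",
        "components/generic-asset-interrogator/2.0.1/osquery/linux/5.9.1/osqueryi",
        "components/log-collector/1.5.0/helper.sh",
    ]:
        p = Path(root) / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text("")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        build_sample_tree(d)
        print(resolve(d))
```

Two installed versions of the same component both resolve, so an exclusion list pinned to one version would miss the other.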

Windows Modern Agent executables

The following executables are installed on Windows devices. Add these paths to your antivirus or endpoint protection exclusions:

  • C:\Program Files (x86)\Msp Agent\msp-agent-core.exe
  • C:\Program Files (x86)\Msp Agent\components\component-version-collector\<version>\component-version-collector.exe
  • C:\Program Files (x86)\Msp Agent\components\events-collector\<version>\events-collector.exe
  • C:\Program Files (x86)\Msp Agent\components\generic-asset-interrogator\<version>\generic-asset-interrogator.exe
  • C:\Program Files (x86)\Msp Agent\components\generic-asset-interrogator\<version>\osquery\windows_x64\<version>\osqueryi.exe
  • C:\Program Files (x86)\Msp Agent\components\log-collector\<version>\log-collector.exe
  • C:\Program Files (x86)\Msp Agent\components\msp-agent-core-upgrade\<version>\msp-agent-core-upgrade.exe
  • C:\Program Files (x86)\Msp Agent\components\msp-ufa-core-uninstall\<version>\msp-ufa-core-uninstall.exe
  • C:\Program Files (x86)\Msp Agent\components\msp-ufa-legacy-run-checks-component\0.2.10\msp-ufa-legacy-run-checks-component.exe
  • C:\Program Files (x86)\Msp Agent\components\msp-ufa-reboot-component\<version>\msp-ufa-reboot-component.exe
  • C:\Program Files (x86)\Msp Agent\components\msp-ufa-takecontrol-detection\<version>\msp-ufa-takecontrol-detection.exe
  • C:\Program Files (x86)\Msp Agent\components\ns-agent-management\<version>\ns-agent-management.exe
  • C:\Program Files (x86)\Msp Agent\components\simple-metric-collector\<version>\simple-metric-collector.exe
  • C:\Program Files (x86)\Msp Agent\components\software-scanner\<version>\software-scanner.exe
  • C:\Program Files (x86)\Msp Agent\components\software-scanner\<version>\software-management-service-requirements\windows\<version>\wa_3rd_party_host_32.exe

If exclusions are not entered into your third-party antivirus, your devices may have trouble detecting, downloading or installing patches. Because patch detection is performed even when Patch Management is not enabled, this step is critical to prevent performance problems, failures to execute automation policies, and unwanted detections of the regular process activity inherent to MSP software.

Linux Modern Agent executables

On Linux systems, the Modern Agent installs these components. Ensure these paths are excluded from security scans:

  • /opt/msp-agent/components/log-collector/<version>/log-collector
  • /opt/msp-agent/components/generic-asset-interrogator/<version>/generic-asset-interrogator
  • /opt/msp-agent/components/generic-asset-interrogator/<version>/osquery/linux/<version>/osqueryi
  • /opt/msp-agent/components/msp-ufa-patch-install/<version>/msp-ufa-patch-install
  • /opt/msp-agent/components/msp-ufa-patch-scan/<version>/msp-ufa-patch-scan
  • /opt/msp-agent/components/component-version-collector/<version>/component-version-collector
  • /opt/msp-agent/components/simple-metric-collector/<version>/simple-metric-collector
  • /opt/msp-agent/components/msp-ufa-core-uninstall/<version>/msp-ufa-core-uninstall
  • /opt/msp-agent/components/msp-ufa-reboot-component/<version>/msp-ufa-reboot-component
  • /opt/msp-agent/components/msp-agent-core-upgrade/<version>/msp-agent-core-upgrade
  • /opt/msp-agent/msp-agent-core
  • /opt/msp-agent/config/datastore/bucket.Meta
  • /opt/msp-agent/config/enc/saltStr
  • /opt/msp-agent/uninstall.sh
  • /opt/msp-agent/downloads/log-collector/linux/<version>/log-collector
  • /opt/msp-agent/components/software-scanner/<version>/software scanner
  • /opt/msp-agent/components/software-scanner/<version>/software-management-service-requirements/linux/<version>/wa_3rd_party_host_32

macOS Modern Agent executables

For macOS devices, the following files are part of the Modern Agent installation. Add them to your exclusion list:

  • /Library/MspAgent/uninstall.sh
  • /Library/MspAgent/config/vault.json
  • /Library/MspAgent/config/msp-agent-core.json
  • /Library/MspAgent/config/volatile-store.json
  • /Library/MspAgent/config/enc/saltStr
  • /Library/MspAgent/config/datastore/bucket.Meta
  • /Library/MspAgent/config/components-state.json
  • /Library/MspAgent/config/components.json
  • /Library/MspAgent/config/component-hashes.json
  • /Library/MspAgent/components/msp-agent-core-upgrade/<version>/msp-agent-core-upgrade
  • /Library/MspAgent/components/log-collector/<version>/log-collector
  • /Library/MspAgent/components/component-version-collector/<version>/component-version-collector
  • /Library/MspAgent/components/software-scanner/<version>/config/software-scanner.json
  • /Library/MspAgent/components/software-scanner/<version>/software-scanner
  • /Library/MspAgent/components/software-scanner/<version>/software-management-service-requirements/darwin/<version>/license.cfg
  • /Library/MspAgent/components/software-scanner/<version>/software-management-service-requirements/darwin/<version>/wa_3rd_party_host_32
  • /Library/MspAgent/components/generic-asset-interrogator/<version>/osquery/darwin/<version>/di.app/Contents/_CodeSignature/CodeResources
  • /Library/MspAgent/components/generic-asset-interrogator/<version>/osquery/darwin/<version>/di.app/Contents/MacOS/osqueryd
  • /Library/MspAgent/components/generic-asset-interrogator/<version>/osquery/darwin/<version>/di.app/Contents/Resources/osqueryctl
  • /Library/MspAgent/components/generic-asset-interrogator/<version>/osquery/darwin/<version>/di.app/Contents/embedded.provisionprofile
  • /Library/MspAgent/components/generic-asset-interrogator/<version>/osquery/darwin/<version>/di.app/Contents/Info.plist
  • /Library/MspAgent/components/generic-asset-interrogator/<version>/osquery/darwin/<version>/di.app/Contents/PkgInfo
  • /Library/MspAgent/components/generic-asset-interrogator/<version>/config/generic-asset-interrogator.json
  • /Library/MspAgent/components/generic-asset-interrogator/<version>/generic-asset-interrogator
  • /Library/MspAgent/components/simple-metric-collector/<version>/simple-metric-collector
  • /Library/MspAgent/components/msp-ufa-reboot-component/<version>/msp-ufa-reboot-component
  • /Library/MspAgent/components/msp-ufa-core-uninstall/<version>/msp-ufa-core-uninstall
  • /Library/MspAgent/msp-agent-core

Mutual TLS (mTLS) Exclusions

The Modern Agent uses Mutual TLS (mTLS) for secure communication between the endpoint and N-able's servers. mTLS strengthens security because both sides of the connection authenticate with cryptographic certificates. However, communication can fail when something breaks the certificate chain. This often happens when the endpoint uses web protection or content filtering software, or when the network routes traffic through a non-transparent proxy, because these products can replace one or both mTLS certificates with their own.

When this happens, the Modern Agent may lose the ability to communicate and appear offline. It may also fail to download component files or configuration data, which can cause features to stop working or behave inconsistently. The Modern Agent does not fall back to standard TLS because that would reduce security and introduce risks such as spoofing or man‑in‑the‑middle attacks.

Workarounds

Depending on your environment, you can use one of the following options:

  • Exclude mTLS endpoints from SSL inspection.
  • Configure the software or firewall to use TLS pass-through.
  • Use network-level access controls such as conditional access policies instead of blanket HTTPS inspection.

If you need to exclude the Modern Agent traffic from web protection, content filtering, or packet inspection, add the following wildcarded FQDNs:

  • *.prd.cdo.system-monitor.com
  • *.iot.eu-west-1.amazonaws.com
  • *.iot.us-west-2.amazonaws.com
  • *.iot.ap-southeast-2.amazonaws.com
  • *.iot.eu-central-1.amazonaws.com
  • *.eu-west-1.prd.davinci.system-monitor.com
  • *.us-west-2.prd.davinci.system-monitor.com
  • *.ap-southeast-2.prd.davinci.system-monitor.com
  • *.eu-central-1.prd.davinci.system-monitor.com