Overview
Auvik’s OVA-based collectors are purpose-built and hardened appliances designed specifically for network discovery, monitoring, and data collection. Because of this hardened design, installing third-party software — including endpoint detection and response (EDR), antivirus (AV), or endpoint security agents such as CrowdStrike Falcon — is not supported.
This restriction helps ensure collector stability, reliability, and performance.
Unsupported software on OVA collectors
The following types of software are not supported on Auvik OVA collectors:
- Endpoint security agents (e.g., CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint)
- Antivirus or antimalware applications
- Host-based intrusion detection/prevention software
- Third-party monitoring or management tools
- Additional operating system packages or custom software
Installing unsupported software may interfere with collector operations, network polling, packet processing, or system updates.
Recommended approaches
Deploy security tooling on separate infrastructure
Run EDR, AV, and other security tooling on dedicated servers or endpoints elsewhere in the environment rather than on the Auvik collector itself.
The Auvik collector should remain dedicated to:
- Network discovery
- Device polling
- Topology mapping
- Performance monitoring
- Traffic and configuration collection
Use network hardening best practices
Instead of installing endpoint agents directly on the collector, secure the collector through network-level controls such as:
- Placing collectors in secured or segmented management VLANs
- Restricting inbound access with firewall rules
- Allowing outbound access only to required Auvik cloud services and monitored device protocols
- Limiting administrative access to authorized personnel only
For more information on required collector communications, see:
- What protocols and ports does the Auvik collector use?
Coordinate with your security team
If your organization requires endpoint security validation, work with your security team to:
- Whitelist the collector’s traffic patterns and behavior
- Exclude the collector from automated endpoint agent deployment policies
- Permit required outbound communication to Auvik cloud services
Alternative deployment options
If your security policies require host-based security tooling, consider deploying the Auvik collector using a supported Linux or Windows installation method on infrastructure where you can manage the operating system and associated security controls separately.
Summary
Auvik does not support installing third-party security agents, including CrowdStrike Falcon, on OVA-based collectors. To maintain stability and performance, collectors should remain dedicated appliances with security enforced through network segmentation, firewall policies, and organizational security controls instead of host-based agents.