Evo Prerequisites & Supported Operating Systems
An Email to create as the Super Admin account.
- We recommend using a Shared mailbox or Distribution group for the Super Admin account. You will use this as your “Break Glass” account into Evo. Once we sync over your Directory User info, you will use your normal email address to manage Evo.
- NOTE: If using Spam/Email Protection Software, make sure to whitelist Evo's domain <evosecurity.com> to prevent important communications from being blocked.
Mobile Device or Hardware Token to receive push notification
- Download the EVO App from the Apple Store or Google Play Store
- QR codes can be sent out or generated to enable once your portal is setup.
- More information on supported authentication methods can be found here
Windows:
- Windows Server 2016 or higher
- Windows Desktop 10 or higher
- Intel 64-bit Chipset architecture
- ARM 64-bit Chipset architecture
Not compatible with Azure Virtual Desktop machines using MFA
Microsoft Azure Virtual Desktops will create a login loop when Evo is installed and you may also experience black screens. This has been tested with our Evo Agent to the same effect. This is also unsupported by other vendors such as Duo. This is a limitation from Microsoft in their support of Azure Virtual Desktops.
Mac:
- macOS 26.x - Tahoe
- macOS 14.x - Sonoma
- macOS 13.x - Ventura
Access to a Windows test machine
- Windows 10 or above is required.
- Access to Windows Login Prompt (UAC) on the machine.
- We will install the Evo Agent to this machine. Once installed you will be able to test MFA, Technician Elevation, and End User Elevation
- Ability to copy and paste text from your computer to this test machine
- .NET Core 9.0 Runtime - Download Link
- NOTE: For Azure or Domain joined environments, the test machine MUST be joined to the domain.
Access to your Domain Controller (for On-Prem Only)
- We will install the Evo LDAP agent onto your primary DC
- Server must be 2016 or Higher
- .NET Framework 4.7.2 (or higher) has been installed on the server.
- All users have been created under the Active Directory.
- All users have a unique email address, specific to their user.
- All users are a member of a group to be synced.
When installing an Evo LDAP Agent or the Evo Credential Provider, the following considerations should be made. (Evo Agents only require outbound connectivity via the listed ports)
Allowed List URLs for Firewall
URL | Port |
ifconfig.me | 443 (LDAP and Credential Provider) |
api.evosecurity.com | 443 (LDAP and Credential Provider) |
sync-api.evosecurity.com | 443 (LDAP Only) |
a3k8pqjo2tpsr9-ats.iot.us-east-1.amazonaws.com | 8883 (LDAP Only) |
beacon-api.evosecurity.com | 443 (LDAP and Credential Provider) |
time.google.com | 123 (LDAP and Credential Provider) |
Allowed List IP Addresses for Firewall
3.17.228.65
3.20.248.76
3.129.178.76
Allowed List Domain for Network and Email
URL | Description |
*.evosecurity.com | Secured with TLS 1.2/1.3 (HTTPS); if you are on a network with SSL inspection or decryption, you might need to bypass decryption for the evosecurity.com CNAME of your instance. |
Allowed List folders and files for Endpoint Protection
Exclusions for Anti Virus ( AV ) & or Endpoint Detection and Response ( EDR )
Evo Credential Provider Allow-list
Evo Agent C:\Program Files\EvoSecurity\EvoAgent\AgentRequestViewer.exe C:\Program Files\EvoSecurity\EvoAgent\CredProAgentNotifier.exe C:\Program Files\EvoSecurity\EvoAgent\EvoAgentTray.exe C:\Program Files\EvoSecurity\EvoAgent\EvoConsentUI.exe C:\Program Files\EvoSecurity\EvoAgent\EvoSecureLoginAgent.exe C:\Program Files\EvoSecurity\EvoAgent\EvoSettingsEditor.exe C:\Program Files\EvoSecurity\EvoAgent\EvoUpdater.exe C:\Program Files\EvoSecurity\EvoAgent\MSIExecProxy.exe C:\Program Files\EvoSecurity\EvoAgent\UACExtenderUI.exe
C:\Program Files\EvoSecurity\EvoAgent\EvoCredProvider.dll C:\Program Files\EvoSecurity\EvoAgent\CredProAgentHelper.dll C:\Program Files\EvoSecurity\EvoAgent\sqlite3.dll
Evo Agent x64 C:\Program Files\EvoSecurity\EvoAgent\EvoConsentBridge-x64.exe C:\Program Files\EvoSecurity\EvoAgent\x64\devcon.exe C:\Program Files\EvoSecurity\EvoAgent\x64\EvoFilter-x64.sys C:\Program Files\EvoSecurity\EvoAgent\x64\EvoFilter-x64.inf C:\Program Files\EvoSecurity\EvoAgent\x64\evofilter-x64.cat C:\Windows\System32\drivers\EvoFilter-x64.sys
Evo Agent ARM64 C:\Program Files\EvoSecurity\EvoAgent\EvoConsentBridge-arm64.exe C:\Program Files\EvoSecurity\EvoAgent\arm64\devcon.exe C:\Program Files\EvoSecurity\EvoAgent\arm64\EvoFilter-arm64.sys C:\Program Files\EvoSecurity\EvoAgent\arm64\EvoFilter-arm64.inf C:\Program Files\EvoSecurity\EvoAgent\arm64\evofilter-arm64.cat C:\Windows\System32\drivers\EvoFilter-arm64.sys
Evo LDAP Agent Allow-list
C:\Program Files\EvoSecurity\EvoLDAPSAgent\EvoLDAPSAgent.exe C:\Program Files\EvoSecurity\EvoLDAPSAgent\EvoUpdater.exe C:\Program Files\EvoSecurity\EvoLDAPSAgent\LDAPAgentSettings.exe