---
title: Installing the agent
summary: null
url: >-
  https://www.fastly.com/documentation/guides/next-gen-waf/setup-and-configuration/agent-management/installing-the-agent
---

This guide explains how to install the [Next-Gen WAF agent](https://www.fastly.com/documentation/guides/next-gen-waf/setup-and-configuration/agent-management/getting-started-with-the-agent) by adding the package repository, installing and configuring the agent package, and then starting the agent.

## Prerequisites

Before installing the agent, you need to:

### Alpine Linux

- If Alpine is being run in a Docker container, you must start the container.
-   [Copy the agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for the site that you want the agent to be able to access. You will use the agent keys when configuring the Next-Gen WAF agent package.

### Amazon Linux

- Determine the version of Amazon Linux you want to use: Amazon Linux 2023 or Amazon Linux 2. Amazon Linux 2 is most similar to CentOS 7 and reuses the same configuration. Amazon Linux 2023 does not mirror CentOS as closely as it did in the past. It is a combination of multiple versions of Fedora and CentOS Stream 9. See [Relationship to Fedora](https://docs.aws.amazon.com/linux/al2023/ug/relationship-to-fedora.html). As a result, the `baseurl` of the yum repository will use `amazon/2023` as the distribution name and version number for Amazon Linux 2023.
-   [Copy the agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for the site that you want the agent to be able to access. You will use the agent keys when configuring the Next-Gen WAF agent package.

### Debian

- Determine the version of Debian you want to use.
-   [Copy the agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for the site that you want the agent to be able to access. You will use the agent keys when configuring the Next-Gen WAF agent package.

### Red Hat/CentOS

- Determine the version of Red Hat/CentOS you want to use.
-   [Copy the agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for the site that you want the agent to be able to access. You will use the agent keys when configuring the Next-Gen WAF agent package.

### Ubuntu

- Determine the version of Ubuntu you want to use.
-   [Copy the agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for the site that you want the agent to be able to access. You will use the agent keys when configuring the Next-Gen WAF agent package.

### Windows

- Determine the version of Windows you want to use. Version 4.50 and later of the Next-Gen WAF agent requires Windows 10 or Windows Server 2016 or higher.
-   [Copy the agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for the site that you want the agent to be able to access. You will use the agent keys when configuring the Next-Gen WAF agent package.

## Add the package repository

Begin the agent installation process by adding the appropriate package repository for your operating system.

> **HINT:** If you're installing the agent on Windows, you can skip this step and start [installing the agent package](https://www.fastly.com/documentation/guides/next-gen-waf/setup-and-configuration/agent-management/installing-the-agent#install-and-configure-the-agent-package).

### Alpine Linux

Add the version of the Alpine package repository that you want to use.

> **NOTE:** 
>
> Following these instructions will configure your package manager to pull from `https://apk.security.fastly.com`. You can find the same package repositories at `https://apk.signalsciences.net`. To configure your package manager to pull from `https://apk.signalsciences.net`, replace all instances of `security.fastly.com` with `signalsciences.net` in the relevant code sample.
>
>

### Docker container

If you are running Alpine in a Docker container, complete the following steps:

1. Add the following to your Dockerfile:

   ```term copy nolinenums
   FROM alpine:3.20
   ENV ALPINE_VERSION=3.20
   RUN wget https://apk.security.fastly.com/sigsci_apk.pub && \
   apk add --repository https://apk.security.fastly.com/${ALPINE_VERSION}/main --no-cache && \
   apk update
   ```

2. Verify the downloaded key contains the proper key by running the following command:

   ```term copy
   $ openssl rsa -pubin -in /etc/apk/keys/sigsci_apk.pub -text -noout
   ```

   If the downloaded key contains the proper key, the expected output looks like the following:

   ```term nolinenums
   Public-Key: (2048 bit)
   Modulus:
      00:bb:23:1a:ef:0d:61:8f:8d:55:aa:ad:01:84:43:
      6c:46:42:42:ab:5b:ec:4e:4b:e2:e6:b6:e7:3d:45:
      b7:96:70:fe:16:95:aa:09:f1:90:82:40:e4:30:2b:
      9e:2a:03:e9:74:63:55:66:f0:db:8c:b9:5b:f8:45:
      5f:ad:4e:7a:14:da:02:83:c2:36:a0:84:74:a0:bb:
      f9:3f:03:c8:fe:80:6a:95:0c:17:22:55:40:30:18:
      51:d9:30:db:7c:1b:d0:06:4e:a9:51:1a:31:0e:33:
      f0:6e:ad:53:98:31:a5:ac:a3:a1:44:83:72:a1:ca:
      78:e3:24:70:ab:7a:0e:66:32:3b:f6:c9:90:16:dc:
      89:d0:52:7a:50:a8:f8:59:0a:34:12:2e:85:11:f5:
      80:0d:d4:7d:a7:7b:3b:d7:d9:1e:28:ed:bb:f7:08:
      2e:9f:73:a5:23:d8:53:b4:7e:21:dd:ae:92:4a:d0:
      5b:86:21:9c:82:05:21:29:eb:c1:ab:91:cd:1a:7b:
      95:6d:43:d3:1a:a9:62:2b:b0:95:9e:cf:18:82:64:
      02:f9:38:7e:7f:47:9f:d9:f3:ac:fd:2c:30:ff:75:
      b1:11:27:1c:7a:d6:ca:04:19:f8:31:80:42:e9:4a:
      0d:ab:d5:b8:ad:f2:35:31:a5:3f:98:19:99:fc:29:
      e8:4f
   Exponent: 65537 (0x10001)
   ```

### VM or bare-metal server

If you are running Alpine in a VM or on a bare-metal server, complete the following steps:

1. Run the following script to add the package repository:

   ```term copy nolinenums
   $ sudo apk update
   $ sudo apk add wget
   $ sudo wget -q https://apk.security.fastly.com/sigsci_apk.pub ; sudo mv sigsci_apk.pub /etc/apk/keys/
   $ sudo echo https://apk.security.fastly.com/3.19/main | sudo tee -a /etc/apk/repositories && sudo apk update
   ```

2. Verify the downloaded key contains the proper key by running the following command:

   ```term copy
   $ openssl rsa -pubin -in /etc/apk/keys/sigsci_apk.pub -text -noout
   ```

   If the downloaded key contains the proper key, the expected output looks like the following:

   ```term nolinenums
   Public-Key: (2048 bit)
   Modulus:
      00:bb:23:1a:ef:0d:61:8f:8d:55:aa:ad:01:84:43:
      6c:46:42:42:ab:5b:ec:4e:4b:e2:e6:b6:e7:3d:45:
      b7:96:70:fe:16:95:aa:09:f1:90:82:40:e4:30:2b:
      9e:2a:03:e9:74:63:55:66:f0:db:8c:b9:5b:f8:45:
      5f:ad:4e:7a:14:da:02:83:c2:36:a0:84:74:a0:bb:
      f9:3f:03:c8:fe:80:6a:95:0c:17:22:55:40:30:18:
      51:d9:30:db:7c:1b:d0:06:4e:a9:51:1a:31:0e:33:
      f0:6e:ad:53:98:31:a5:ac:a3:a1:44:83:72:a1:ca:
      78:e3:24:70:ab:7a:0e:66:32:3b:f6:c9:90:16:dc:
      89:d0:52:7a:50:a8:f8:59:0a:34:12:2e:85:11:f5:
      80:0d:d4:7d:a7:7b:3b:d7:d9:1e:28:ed:bb:f7:08:
      2e:9f:73:a5:23:d8:53:b4:7e:21:dd:ae:92:4a:d0:
      5b:86:21:9c:82:05:21:29:eb:c1:ab:91:cd:1a:7b:
      95:6d:43:d3:1a:a9:62:2b:b0:95:9e:cf:18:82:64:
      02:f9:38:7e:7f:47:9f:d9:f3:ac:fd:2c:30:ff:75:
      b1:11:27:1c:7a:d6:ca:04:19:f8:31:80:42:e9:4a:
      0d:ab:d5:b8:ad:f2:35:31:a5:3f:98:19:99:fc:29:
      e8:4f
   Exponent: 65537 (0x10001)
   ```

### Amazon Linux

Add the version of the Amazon Linux package repository that you want to use.

> **NOTE:** 
>
> Following these instructions will configure your package manager to pull from `https://yum.security.fastly.com`. You can find the same package repositories at `https://yum.signalsciences.net`. To configure your package manager to pull from `https://yum.signalsciences.net`, replace all instances of `security.fastly.com` with `signalsciences.net` in the relevant code sample.
>
>

### Amazon Linux 2023

To add the Amazon Linux 2023 package, run the following script:

```term copy nolinenums
$ sudo tee /etc/yum.repos.d/sigsci.repo <<-'EOF'
[sigsci_release]
name=sigsci_release
baseurl=https://yum.security.fastly.com/release/amazon/2023/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://yum.security.fastly.com/release/gpgkey https://dl.security.fastly.com/sigsci-agent/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF
```

### Amazon Linux 2

To add the Amazon Linux 2 package, run the following script:

```term copy nolinenums
$ sudo tee /etc/yum.repos.d/sigsci.repo <<-'EOF'
[sigsci_release]
name=sigsci_release
baseurl=https://yum.security.fastly.com/release/el/7/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://yum.security.fastly.com/release/gpgkey https://dl.security.fastly.com/sigsci-agent/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF
```

### Debian

Add the version of the Debian package repository that you want to use.

> **NOTE:** 
>
> Following these instructions will configure your package manager to pull from `https://apt.security.fastly.com`. You can find the same package repositories at `https://apt.signalsciences.net`. To configure your package manager to pull from `https://apt.signalsciences.net`, replace all instances of `security.fastly.com` with `signalsciences.net` in the relevant code sample.
>
>

To add the package for Debian 9 (Stretch) and above, run the following script:

```term copy nolinenums
$ sudo apt-get update
$ sudo apt-get install -y apt-transport-https wget gnupg lsb-release
$ sudo wget -qO - https://apt.security.fastly.com/release/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/sigsci.gpg
$ sudo echo "deb [signed-by=/usr/share/keyrings/sigsci.gpg] https://apt.security.fastly.com/release/debian/ `lsb_release -cs` main" | sudo tee /etc/apt/sources.list.d/sigsci-release.list
$ sudo apt-get update
```

If installing the utilities fails, some customers may need to add the archive repositories first for older versions of Debian. For example, in Debian 10 (Buster), you would run the following script:

```term copy nolinenums
$ sudo echo "deb http://archive.debian.org/debian/ buster main contrib non-free" >> /etc/apt/sources.list
$ sudo apt-get update
```

### Red Hat/CentOS

Add the version of the Red Hat/CentOS package repository that you want to use.

> **NOTE:** 
>
> Following these instructions will configure your package manager to pull from `https://yum.security.fastly.com`. You can find the same package repositories at `https://yum.signalsciences.net`. To configure your package manager to pull from `https://yum.signalsciences.net`, replace all instances of `security.fastly.com` with `signalsciences.net` in the relevant code sample.
>
>

### Red Hat/CentOS 10

To add the Red Hat/CentOS 10 package, run the following script:

```term copy nolinenums
$ sudo tee /etc/yum.repos.d/sigsci.repo <<-'EOF'
[sigsci_release]
name=sigsci_release
baseurl=https://yum.security.fastly.com/release/el/10/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://yum.security.fastly.com/release/gpgkey https://dl.security.fastly.com/sigsci-agent/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF
```

### Red Hat/CentOS 9

To add the Red Hat/CentOS 9 package, run the following script:

```term copy nolinenums
$ sudo tee /etc/yum.repos.d/sigsci.repo <<-'EOF'
[sigsci_release]
name=sigsci_release
baseurl=https://yum.security.fastly.com/release/el/9/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://yum.security.fastly.com/release/gpgkey https://dl.security.fastly.com/sigsci-agent/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF
```

### Red Hat/CentOS 8

To add the Red Hat/CentOS 8 package, run the following script:

```term copy nolinenums
$ sudo tee /etc/yum.repos.d/sigsci.repo <<-'EOF'
[sigsci_release]
name=sigsci_release
baseurl=https://yum.security.fastly.com/release/el/8/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://yum.security.fastly.com/release/gpgkey https://dl.security.fastly.com/sigsci-agent/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF
```

### Red Hat/CentOS 7

To add the Red Hat/CentOS 7 package, run the following script:

```term copy nolinenums
$ sudo tee /etc/yum.repos.d/sigsci.repo <<-'EOF'
[sigsci_release]
name=sigsci_release
baseurl=https://yum.security.fastly.com/release/el/7/$basearch
repo_gpgcheck=1
gpgcheck=1
enabled=1
gpgkey=https://yum.security.fastly.com/release/gpgkey https://dl.security.fastly.com/sigsci-agent/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF
```

### Ubuntu

Add the version of the Ubuntu package repository that you want to use.

> **NOTE:** 
>
> Following these instructions will configure your package manager to pull from `https://apt.security.fastly.com`. You can find the same package repositories at `https://apt.signalsciences.net`. To configure your package manager to pull from `https://apt.signalsciences.net`, replace all instances of `security.fastly.com` with `signalsciences.net` in the relevant code sample.
>
>

### V24.04

To add the Ubuntu 24.04 - Noble package, run the following script:

```term copy nolinenums
$ sudo apt-get update
$ sudo apt-get install -y apt-transport-https wget gnupg
$ wget -qO - https://apt.security.fastly.com/release/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/sigsci.gpg
$ sudo echo "deb [signed-by=/usr/share/keyrings/sigsci.gpg] https://apt.security.fastly.com/release/ubuntu/ noble main" | sudo tee /etc/apt/sources.list.d/sigsci-release.list
$ sudo apt-get update
```

### V22.04

To add the Ubuntu 22.04 - Jammy package, run the following script:

```term copy nolinenums
$ sudo apt-get update
$ sudo apt-get install -y apt-transport-https wget gnupg
$ wget -qO - https://apt.security.fastly.com/release/gpgkey | sudo gpg --dearmor -o /usr/share/keyrings/sigsci.gpg
$ sudo echo "deb [signed-by=/usr/share/keyrings/sigsci.gpg] https://apt.security.fastly.com/release/ubuntu/ jammy main" | sudo tee /etc/apt/sources.list.d/sigsci-release.list
$ sudo apt-get update
```

### V20.04

To add the Ubuntu 20.04 - Focal package, run the following script:

```term copy nolinenums
$ sudo apt update
$ sudo apt-get install -y apt-transport-https wget
$ wget -qO - https://apt.security.fastly.com/release/gpgkey | sudo apt-key add -
$ sudo echo "deb https://apt.security.fastly.com/release/ubuntu/ focal main" | sudo tee /etc/apt/sources.list.d/sigsci-release.list && sudo apt-get update
```

### V18.04

To add the Ubuntu 18.04 - Bionic package, run the following script:

```term copy nolinenums
$ sudo apt update
$ sudo apt-get install -y apt-transport-https wget
$ wget -qO - https://apt.security.fastly.com/release/gpgkey | sudo apt-key add -
$ sudo echo "deb https://apt.security.fastly.com/release/ubuntu/ bionic main" | sudo tee /etc/apt/sources.list.d/sigsci-release.list && $ sudo apt-get update
```

### V16.04

To add the Ubuntu 16.04 - Xenial package, run the following script:

```term copy nolinenums
$ sudo apt-get install -y apt-transport-https wget
$ wget -qO - https://apt.security.fastly.com/release/gpgkey | sudo apt-key add -
$ sudo echo "deb https://apt.security.fastly.com/release/ubuntu/ xenial main" | sudo tee /etc/apt/sources.list.d/sigsci-release.list && $ sudo apt-get update
```

### V14.04

To add the Ubuntu 14.04 - Trusty package, run the following script:

```term copy nolinenums
$ sudo apt-get install -y apt-transport-https wget
$ wget -qO - https://apt.security.fastly.com/release/gpgkey | sudo apt-key add -
$ sudo echo "deb https://apt.security.fastly.com/release/ubuntu/ trusty main" | sudo tee /etc/apt/sources.list.d/sigsci-release.list && $ sudo apt-get update
```

## Install and configure the agent package

After adding the package repository, install and configure the Next-Gen WAF agent.

### Alpine Linux

1.   Run the following command to install the Next-Gen WAF agent package:

   ```term copy
   $ sudo apk add sigsci-agent
   ```

2.   Create an empty agent configuration file in the following directory: `/etc/sigsci/agent.conf`.

3.   Add the [agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for your site to the agent configuration file.

   ```
   accesskeyid = "AGENTACCESSKEYHERE"
   secretaccesskey = "AGENTSECRETACCESSKEYHERE"
   ```

4.   Save the agent configuration file.

### Amazon Linux

1.   Run the following command to install the Next-Gen WAF agent package:

   ```term copy
   $ sudo yum install sigsci-agent
   ```

2.   Create an empty agent configuration file in the following directory: `/etc/sigsci/agent.conf`.

3.   Add the [agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for your site to the agent configuration file.

   ```
   accesskeyid = "AGENTACCESSKEYHERE"
   secretaccesskey = "AGENTSECRETACCESSKEYHERE"
   ```

4.   Save the agent configuration file.

### Debian

1.   Run the following command to install the Next-Gen WAF agent package:

   ```term copy
   $ sudo apt-get install sigsci-agent
   ```

2.   Create an empty agent configuration file in the following directory: `/etc/sigsci/agent.conf`.

3.   Add the [agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for your site to the agent configuration file.

   ```
   accesskeyid = "AGENTACCESSKEYHERE"
   secretaccesskey = "AGENTSECRETACCESSKEYHERE"
   ```

4.   Save the agent configuration file.

### Red Hat/CentOS

1.   Run the following command to install the Next-Gen WAF agent package:

   ```term copy
   $ sudo yum install sigsci-agent
   ```

2.   Create an empty agent configuration file in the following directory: `/etc/sigsci/agent.conf`.

3.   Add the [agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for your site to the agent configuration file.

   ```
   accesskeyid = "AGENTACCESSKEYHERE"
   secretaccesskey = "AGENTSECRETACCESSKEYHERE"
   ```

4.   Save the agent configuration file.

### Ubuntu

1.   Run the following command to install the Next-Gen WAF agent package:

   ```term copy
   $ sudo apt-get install sigsci-agent
   ```

2.   Create an empty agent configuration file in the following directory: `/etc/sigsci/agent.conf`.

3.   Add the [agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for your site to the agent configuration file.

   ```
   accesskeyid = "AGENTACCESSKEYHERE"
   secretaccesskey = "AGENTSECRETACCESSKEYHERE"
   ```

4.   Save the agent configuration file.

### Windows

1. Create an empty agent configuration file at `C:\Program Files\Signal Sciences\Agent\agent.conf`.

   - If you need to specify a custom location for the `agent.conf` file, set the absolute file path with the system environment variable `SIGSCI_CONFIG`.
   - If you are deploying the agent in reverse proxy mode, check out the [Reverse Proxy Mode](https://www.fastly.com/documentation/guides/next-gen-waf/setup-and-configuration/reverse-proxy-deployment/configuring-agent-reverse-proxy-deployments/) configuration page for details on required configuration options.

2.   Add the [agent keys](/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys) for your site to the agent configuration file.

   ```
   accesskeyid = "AGENTACCESSKEYHERE"
   secretaccesskey = "AGENTSECRETACCESSKEYHERE"
   ```

3. Download the latest Next-Gen WAF agent `.msi` from [dl.security.fastly.com](https://dl.security.fastly.com/?prefix=sigsci-agent/) or [dl.signalsciences.net](https://dl.signalsciences.net/?prefix=sigsci-agent/).

4. Run the `.msi` to install the Agent automatically with no prompts. It will install the executable in `C:\Program Files\Signal Sciences\Agent`, add a service entry for the Agent, and start the service if the agent configuration file is present with valid `accesskeyid` and `secretaccesskey` settings.

   The installed service name is `sigsci-agent` and can be controlled with PowerShell cmdlets:

   ```term copy nolinenums
   $ Start-Service sigsci-agent
   $ Restart-Service sigsci-agent
   $ Stop-Service sigsci-agent
   ```

   Alternatively, you can download the latest Next-Gen WAF agent for Windows as a `.zip` file, which contains the agent binary. You can run this from any location you prefer. However, to install the agent in this way, you will need to configure the Service entry and start the service manually.

   Example `services.msc` screenshot:

   ![Example 'services.msc' screenshot with the 'Signal Sciences Agent' service highlighted.](/img/ngwaf/win-service.png)

## Start the agent

Next, start the Next-Gen WAF agent that you installed.

> **NOTE:** If you installed the agent on Windows, you can skip this step. The last step of the installation process started the agent.

### Alpine Linux

If you are running Alpine in a Docker container, run the following command to start the Next-Gen WAF agent:

```term copy
$ /usr/sbin/sigsci-agent
```

If you are running Alpine in a VM or on a bare-metal server, run the following command to allow the agent to start on reboot:

```term copy
$ sudo rc-update add sigsci-agent default
```

Then, start the agent by running any of the following commands:

```term copy nolinenums
$ sudo service sigsci-agent start
$ sudo rc-service sigsci-agent start
$ sudo /etc/init.d/sigsci-agent start
```

### Amazon Linux

If you added the Amazon Linux 2 package, run the following command to start the Next-Gen WAF agent:

```term copy
$ sudo systemctl start sigsci-agent
```

### Debian

For Debian, run the following command to start the Next-Gen WAF agent:

```term copy
$ sudo systemctl start sigsci-agent
```

### Red Hat/CentOS

For Red Hat/CentOS versions 7 and above, run the following command to start the Next-Gen WAF agent:

```term copy
$ sudo systemctl start sigsci-agent
```

### Ubuntu

Run the following command to start the agent:

```term copy
$ sudo systemctl start sigsci-agent
```

## Next steps

Continue setting up your Next-Gen WAF deployment by installing the [Next-Gen WAF module](https://www.fastly.com/documentation/guides/next-gen-waf/setup-and-configuration/module-agent-deployment/about-module-agent-deployment) or configuring the agent to [run as a reverse proxy](https://www.fastly.com/documentation/guides/next-gen-waf/setup-and-configuration/reverse-proxy-deployment/about-reverse-proxy-deployment).

If your agent is on Debian, Red Hat/CentOS, or Ubuntu, consider enabling the [agent auto-update service](https://www.fastly.com/documentation/guides/next-gen-waf/setup-and-configuration/agent-management/upgrading-an-agent#working-with-the-agent-auto-update-service). This service checks [our package downloads website](https://dl.security.fastly.com/?prefix=sigsci-agent/) for a new version of the agent and updates the agent when a new version is available.

## Related content

- [Getting started with the agent](https://www.fastly.com/documentation/guides/next-gen-waf/setup-and-configuration/agent-management/getting-started-with-the-agent)
- [Accessing agent keys](https://www.fastly.com/documentation/guides/next-gen-waf/setup-and-configuration/agent-management/accessing-agent-keys)