Symantec endpoint protection linux

Symantec Single Agent for Linux and the Symantec Endpoint Protection Linux Agent

For 14.3 MP1 and earlier: The Linux agent is known as the Symantec Endpoint Protection client for Linux.

For 14.3 RU1 and later: The Linux agent is known as the Symantec Single Agent for Linux.

╔══════════════╦════════════════════════╦═════════════════════════════════════════╗ ║ Release Name ║ Version (build number) ║ Symantec Agent for Linux version (SEPM) ║ ╠══════════════╬════════════════════════╬═════════════════════════════════════════╣ ║ 14.3 RU5 ║ 14.3.3068.5000 ║ 14.3.3068.5000 ║ ╠══════════════╬════════════════════════╬═════════════════════════════════════════╣ ║ 14.3 RU4 ║ 14.3.2147.4000 ║ 14.3.2147.4000 ║ ╠══════════════╬════════════════════════╬═════════════════════════════════════════╣ ║ 14.3 RU3 ║ 14.3.5413.3000 ║ 14.3.202.3000 ║ ╠══════════════╬════════════════════════╬═════════════════════════════════════════╣ ║ 14.3 RU2 ║ 14.3.4615.2000 ║ 14.3.96.2000 ║ ╠══════════════╬════════════════════════╬═════════════════════════════════════════╣ ║ 14.3 RU1 MP1 ║ 14.3.3580.1100 ║ 14.3.459.1100 ║ ╠══════════════╬════════════════════════╬═════════════════════════════════════════╣ ║ 14.3 RU1 ║ 14.3.3384.1000 ║ 14.3.459.1000 ║ ╠══════════════╬════════════════════════╬═════════════════════════════════════════╣ ║ 14.3 MP1 ║ 14.3.1148.0100 ║ 14.3.1148.0100 ║ ╠══════════════╬════════════════════════╬═════════════════════════════════════════╣ ║ 14.3 ║ 14.3.558.0000 ║ 14.3.558 ║ ╠══════════════╬════════════════════════╬═════════════════════════════════════════╣ ║ 14.2 RU2 MP1 ║ 14.2.5587.2100 ║ 14.2.5587 ║ ╚══════════════╩════════════════════════╩═════════════════════════════════════════╝

Deploy Symantec Endpoint Agents on Linux systems

• You cannot deploy the Linux Agent from Symantec Endpoint Protection Manager remotely.
• Symantec Linux Agent 14.3 RU1 and later cannot run as an unmanaged device. All management tasks must be performed in Symantec Endpoint Protection Manager or in the cloud console.

Auto-compile for the Symantec Endpoint Protection client for Linux

For 14.3 MP1 and earlier: The Auto-Protect only functioned when the Linux computer’s operating system ran a supported kernel. Alternately, you can manually compile the Auto-Protect kernel module.

Auto-compile automatically launches during installation if needed. You do not need to take any action to launch auto-compile. If the auto-compile process successfully completes, the terminal window displays the following:

Build Auto-Protect kernel modules from source code successfully

If the auto-compile process fails, Auto-Protect installs but remains disabled. The terminal window displays a message similar to the following:

Build Auto-Protect kernel modules from source code failed with error: (1,2,3)

Linux client graphical user interface

Symantec Agent for Linux 14.3 RU1 and later do not have a graphical user interface.

For 14.3 MP1 and earlier: Your Linux computer includes a graphical user interface (GUI), the Symantec Endpoint Protection for Linux client displays a yellow shield notification area icon on the status tray. The icon provides information about whether the client is connected to a management server and the protection status.

Client install packages for Symantec Agents for Linux

For 14.3 MP1 and later: You can export the Symantec Single Agent for Linux as follows:

The installation package when you’ve exported the Symantec Single Agent for Linux.

For 14.3 MP1 and earlier: You can export the Symantec Endpoint Protection client for Linux for Red Hat base or Debian base.

The installation package when you’ve exported the Symantec Endpoint Protection client for Linux.

Read more: Install Symantec Endpoint Agents for Linux

Источник

Symantec endpoint protection linux

It is necessary to go through specific steps for the installation of the Symantec Endpoint Protection for Linux (SEPFL) agent.

Environment

Symantec Endpoint Protection for Linux 14.3 MP1 and below

Resolution

Supported Linux Kernels

Note: A minor variance in the kernel versions listed are still considered supported, however the SEP AutoProtect module may need recompiling. As in the possible SEP installer message, «The current kernel is not supported, if you want to make AutoProtect work properly, please switch to the folder ‘src’ under your install image, decompress the source code file and run build.sh to compile and install the drivers for AutoProtect.» Recompiling the AutoProtect modules requires kernel-devel and other software development tools.

Linux Development Tools

Linux development tools may be necessary, if the SEPFL installer needs to recompile the AutoProtect module for your kernel version. Development tools are available from Linux installer discs or repositories. The tools package name varies, depending on the Linux release and version: e.g. kernel-devel, linux-headers, kernel-source, linux-source. See How to Manually compile Auto-Protect kernel modules for Endpoint Protection for Linux for more information.

Oracle Java is not required by SEP 14 or newer.

In version 12.1 of SEP for Linux, Oracle Java (TM) 1.5 or later is required by LiveUpdate; Java 7 or 8 is required. Java 9 is not currently supported. The Java version command:

(«[path_to_java]/bin/java -v») should identify as «Java HotSpot (TM)»

Note: OpenJDK, IcedTea, etc are not supported by SEP.

Java Cryptography Extension (JCE)

The matching Unlimited Java Cryptography Extension (JCE) files are also required by SEPFL; JCE files and installation instructions are downloadable at http://www.oracle.com/technetwork/java/javase/downloads/index.html#other.

The Java folder used by SEPFL must be owned by superuser. To set superuser ownership:

sudo chown -R root:root /usr/local/lib/jre-1.7.0_75/ # for example

32-Bit Linux Libraries

For both 32-bit and 64-bit Linux systems 32-bit libraries are required. These packages are required for SEPFL to function.

On CentOS or RHEL systems (yum), run the following commands:

sudo yum install glibc.i686 libgcc.i686 libX11.i686

On Debian or Ubuntu based systems (apt-get), run the following commands:

sudo dpkg --add-architecture i386

sudo apt-get install libc6:i386 libx11-6:i386 libncurses5:i386 libstdc++6:i386

sudo apt-get install lib32ncurses5 lib32z1

Symantec documented disk space requirements can lag behind the state of the product and the maximum size of a definition update download. Please ensure that sufficient disk space is available in /opt/ and /tmp/ . According to most recent testing with SEP 12.1 RU6, total pre-installation space requirements are about 9GB for /opt/ and 1.5GB for /tmp/ . The /tmp/ requirement and about 4GB of /opt/ are needed for working space when updating definitions.

The SEP client Graphical User Interface (GUI) is optional, but it requires either KDE or Gnome graphical desktop environments in order to be installed for viewing. Also ncompress and sharutils packages are required by the Intelligent Updater, which can be obtained by the following Terminal command:

sudo yum install ncompress sharutils

Источник

How to Install Symantec Endpoint Protection in Linux (with Screenshot)

In this article, we will learn How to Install Symantec Endpoint Protection in Linux. We are going to perform this SEP client installation on CentOS. Although we can use these steps on RHEL and Fedora as well.

We will install Symantec Endpoint Protection 14.3 in CentOS 8. CentOS is a Linux distribution that provides a free, community-supported computing platform functionally compatible with its upstream source, Red Hat Enterprise Linux.

Pre-requisite check before installing SEP in Linux

• Before the installation, it is recommended to check the Supported Linux kernels for Endpoint Protection 14.x.
• Export the SEP rpm client from SEPM Manager.
• Install the kernel headers and devel.
• Install dependencies.

Find Linux OS version

Run the following command to find the Linux OS version.

Find Linux OS Kernel version

Run the following command to find the Linux OS Kernel version.

Find and install kernel headers and devels

Run the following command to find the Linux OS kernel headers and devels installed.

If you find the kernel headers and devel are not installed, or multiple headers and devel present, make sure you install the same version. Run the below command to install kernel headers and devel.

sudo yum install kernel-headers

sudo yum install kernel-devel

Install Dependencies before Install Symantec Endpoint Protection in Linux

Now we will install the 32-bit libraries. Run the below commands to install the dependencies.

sudo yum install glibc.i686

sudo yum install libgcc.i686

If you are only using the CLI, you do not need to run this command. This command is required if you are using a GUI.

sudo yum install libX11.i686

Copy and Extract Installer to Linux System

Before Install Symantec Endpoint Protection in Linux, copy the installer to the system which we have extracted from the SEPM manager.

Here we recommend copying the SEP installer to /tmp to avoid permission issues. Although you can copy the SEP installer to any folder you wish.

If you copied the zip file, run the below command to extract it. Here we named the extracted folder as sep.

sudo unzip -d sep FileName.zip

Change File Permission

We assume you copied the SEP installation folder in /tmp. Run the cd /tmp/sep to change the directory.

Use command ls -l to check if the install.sh and pkg.sig has R+W+X permission. If not, run the below command to grant the permission.

sudo chmod 777 install.sh pkg.sig

Install Symantec Endpoint Protection in Linux

So, we are ready to install Symantec Endpoint Protection in Linux. We have installed and configured all the prerequisites, copied the SEP rpm package, and granted the RWX permission. Now let’s start with the Installation steps.

Step 1: Run the installer install.sh with -i argument.

Step 2: Verify the SEP installation

Once installation is completed, the command prompt returns the successful prompt and services will automatically start. Now run the below command to navigate to by default SEP installation directory.

cd /opt/Symantec/symantec_antivirus

Now run the below command to check the installed SEP version.

Step 3: Verify the communication status between SEP client and SEPM

To verify the connection status between the Linux system and the SEPM server run the below command.

Now reboot your system to complete all the installation changes made during the SEP installation in Linux OS.

Well, we have successfully Install Symantec Endpoint Protection in Linux. You might get some errors in case of a mismatch between the supported Linux kernel and SEP version. We strongly recommend you to log a case with Symantec for such an error.

See more how-to articles on Symantec.

Источник