Content:
- Overview
- Descriptive steps
- What to do after installation
- Related articles
Overview
- How to install Windows agent,
- How to install UNIX/Solaris agent,
- Agent status after installation,
- How to change the configuration of an agent.
Descriptive steps
The installation of the CSP agent is quite easy to perform on all platforms. However, there are a few prerequisites before installing.
For all operating systems, the port 443 and 2222 must be opened for the agent to register and communicate with the Management Server.
List of CSP agent installation files:
1) How to install Windows agent:
To see the list of supported Windows Operating Systems, refer to the SCSP_Platform_Feature_Matrix.pdf.
There is a single installation file for Windows agent which is the agent.exe file.
a. Export the agent.exe file and the agent-cert.ssl file (agent certificate) on the Windows server,
b. Double click the agent.exe to start the installation:
c. Specify the agent name and enable/disable IPS:
d. Specify the Primary Management Server Hostname/IP address as well as the location of the agent-cert.ssl file:
e. Review the CSP agent configuration:
f. Complete the installation process.
Note: A restart of the Windows Server is required if IPS is set to Enabled.
2) How to install UNIX/Solaris agent:
To see the list of supported UNIX/Solaris Operating Systems, refer to the SCSP_Platform_Feature_Matrix.pdf.
Prerequisite: Disable SELinux/AppArmor/TrustedAIX/Kerberos prior installing.
a. Export the agent-solarisXX-<architecture>.bin file and the agent-cert.ssl file (agent certificate) on the Solaris server,
Note: In this example, the binary and certificate files have been placed in the /tmp folder.
b. Change the permissions for the binary file:
c. Run the binary file to start the agent installation:
d. Accept the Agreement:
e. Specify the Primary Management Server Hostname/IP address, the certificate path and the agent name:
f. Review the CSP agent configuration and press ENTER to complete the installation:
Note: A restart of the Solaris Server is required if IPS is set to Enabled.
3) Agent status after installation:
After the installation, the CSP agent shows up in the SCSP Management Console as Online. However, from the Pevention View tab, the agent displays the status "Pending restart" as shown below as long as the agent has not been restarted:
After the restart of the agent, the "Pending restart" status is replaced by the crossed shield icon, status Unprotected:
This icon indicate that IPS is well enabled with the default "sym_win_null_sbp" prevention policy. The unprotected status will remain as long as no prevention policy other then the one by default is applied. Once an IPS policy is applied to the agent, the status will change to Protected unless the option "Disable prevention -- Log but do not prevent policy violations" is enabled.
Status Protected:
However, if IPS has been disabled during the installation of the agent, the agent shows the status Disabled:
4) How to review/change the configuration of an agent:
Windows agents
The sisipsconfig is located in C:\Program Files\Symantec\Critical System Protection\Agent\IPS\bin and can be run as Administrator and Standard user.
Example:
sisipsconfig -test
UNIX and Solaris agents
The sisipsconfig.sh is located in /opt/Symantec/scspagent/IPS/ and it is required to SU sisips user from root to use the tool.
Example:
./sisipsconfig.sh -test
Some of the most useful commands:
-t (-test) to test the connection from the agent to the Management Server.
-view to see the current settings of the agent.
-c (-certfile) to replace the agent certificate file.
-forcereg to force the agent to re-register with the Managemtn Server.
For more details on the Agent Configuration Tool and its commands, refer to the article "How to use the SCSP Agent Configuration Tool"
What to do after installation
You can begin enforcing the Symantec Critical System Protection policies on agents immediately after agent installation and registration with the management server.
Symantec recommends that you first apply a policy to a few agents, and then verify that the agent computers are functioning properly with the applied policy.
See the Symantec Critical System Protection Administration Guide for information about applying policies to agents.
Related articles
How to install SCSP with Microsoft SQL Server 2008 R2 Express Edition
SCSP - Error "Database population FAILED"
How to install SCSP agent on Windows, UNIX and Solaris
How to use the SCSP Agent Configuration Tool
How to upgrade SCSP to a newer release
How to import, create and update default policies in SCSP
Configuring Virtual Agents in SCSP 5.2 RU8
How to install the SCSP SymIDS ISAPI filter on Windows Server 2008 R2
Symantec Critical System Protection 5.2 RU9 Docs
Download