Hi,
This article demonstrates how to install Symantec Endpoint Protection on a Red Hat Linux machine.
The enterprise version of Symantec Endpoint Protection now includes the Symantec Endpoint Protection client for Linux. The Symantec Endpoint Protection client for Linux replaces the Symantec AntiVirus client for Linux and supports a greater range of distributions and kernels. Added distributions include Red Hat Enterprise Linux Server (RHEL) 6.5 and CentOS 6.5.
SEP for Linux clients can now be managed by an RU5 SEPM, or later. Configuration enhancements have been made to the SEPM to allow policy creation for managed Linux clients. This includes AV policy settings, centralized exceptions, and LiveUpdate settings. The SEPM also features enhanced reporting for Linux clients, including the SEP client version, host OS details, and hardware details.
There are certain requirements and pre-requisites to install Symantec Endpoint Protection for Linux.
1) Symantec Endpoint Protection requires a specific kernel on the system before you install the Symantec AutoProtect package; otherwise you should compile your own kernel with our AutoProtect to ensure it will function properly. For a list of supported kernels, please see:
http://www.symantec.com/docs/TECH223240
If you use a version of a Linux distribution that uses a Symantec Endpoint Protection legacy kernel and need to troubleshoot issues with it, you would need to update the Linux distribution to use a supported kernel version and then reproduce the issue.
For example, Red Hat Enterprise Linux (RHEL) 6U5 2.6.32-431.el6.* is listed as a supported kernel, but you can also use version Red Hat Enterprise Linux (RHEL) 6U5 2.6.32-431.17.1.el6.* with Symantec Endpoint Protection for Linux.
Make sure you are logged in with the necessary privileges; you can verify this with the command 'whoami'.
Note: You must have superuser privileges to install the Symantec Endpoint Protection client on the Linux computer.
In this example I have logged in as the root user.
Type the command 'uname -a' to verify the kernel version details.
Verify the Java version details:
Type the command "java -version"
Symantec Java LiveUpdate (JLU) requires Sun Java VM (Virtual Machine) version 1.5 or above to ensure LiveUpdate works correctly.
You cannot deploy the Linux client from Symantec Endpoint Protection Manager remotely. The installation steps are similar whether the client is unmanaged or managed.
The only way to install a managed client is with an installation package that you create in Symantec Endpoint Protection Manager. You can convert an unmanaged client to a managed client at any time by importing client-server communication settings into the Linux client.
Export the Linux package through the Symantec Endpoint Protection Manager console.
By default, two packages are available to export.
1) RPM package for Red Hat Linux clients
2) Debian package for Ubuntu, CentOS etc.
Export the appropriate packages.
SEPM exports the package into .zip format.
Package size is around 38 MB only.
As said earlier, at this point SEPM does not have the functionality to push the Linux package remotely; it offers either Web Link and Email or Save Package.
In this article, I am saving this package locally on the system.
Copy the installation package that you created to the Linux computer. The package is a .zip file.
On the Linux computer, open a terminal application window.
Navigate to the installation directory with the following command:
cd /directory/
Here you can see it's under the Downloads folder.
Extract the contents of the .zip file into a directory named 'tmp', or extract it to another location.
I extracted it here, in the same location.
Type the command "unzip SymantecEndpointProtection.zip"
Before you begin the installation, check the permissions on the install script.
By default, Owner, Group and Others have only read permission on the install script, so the installer is read-only. If you try to install now, you get a "permission denied" error message like the one below.
You need to assign execute permission to the install script.
To correctly set the execute file permissions on install.sh, use the following command:
chmod u+x install.sh
Use the built-in script to install Symantec Endpoint Protection with the following command:
sudo ./install.sh -i
Enter your password if prompted
This script initiates the installation of the Symantec Endpoint Protection components. The default installation directory is as follows:
/opt/Symantec/symantec_antivirus
The default work directory for LiveUpdate is as follows:
/opt/Symantec/LiveUpdate/tmp
The installation completes when the command prompt returns. You do not have to restart the computer to complete the installation.
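The checks described in this article (superuser privileges, kernel version, Java version, execute permission on install.sh) can be collected into one pre-install script. This is an added example, not part of the original article or of Symantec's installer; the function names are hypothetical, and the kernel patterns are only the two RHEL 6U5 examples quoted above.

```sh
#!/bin/sh
# Added example: pre-install checks for the SEP for Linux client.
# The kernel patterns are only the two RHEL 6U5 examples quoted in this article;
# extend the list from the vendor's supported-kernel document (TECH223240).

# Succeeds when a kernel release string (uname -r) matches a listed pattern.
kernel_supported() {
    case $1 in
        2.6.32-431.el6.*|2.6.32-431.17.1.el6.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds when the first line of `java -version` reports 1.5 or later.
# Handles both the legacy "1.x.y_z" scheme and the newer "9", "11.0.2" scheme.
java_version_ok() {
    _ver=$(printf '%s\n' "$1" | sed -n 's/.*version "\([0-9][^"]*\)".*/\1/p')
    [ -n "$_ver" ] || return 1
    _major=${_ver%%.*}; _major=${_major%%[!0-9]*}
    _rest=${_ver#*.};   _minor=${_rest%%[!0-9]*}
    [ "$_major" -gt 1 ] && return 0
    [ "$_major" -eq 1 ] && [ "${_minor:-0}" -ge 5 ]
}

# Succeeds when the install script exists and has an execute bit set.
script_executable() {
    [ -f "$1" ] && [ -x "$1" ]
}

# Runs every check against this machine and reports all failures at once.
preflight() {
    _fail=0
    [ "$(id -u)" -eq 0 ] || { echo "FAIL: superuser privileges required"; _fail=1; }
    kernel_supported "$(uname -r)" ||
        { echo "FAIL: kernel $(uname -r) is not in the listed patterns"; _fail=1; }
    java_version_ok "$(java -version 2>&1 | head -n 1)" ||
        { echo "FAIL: Java 1.5 or later not found (needed by LiveUpdate)"; _fail=1; }
    script_executable "$1" ||
        { echo "FAIL: $1 is missing or not executable (chmod u+x)"; _fail=1; }
    [ "$_fail" -eq 0 ] && echo "OK: ready for ./install.sh -i"
    return "$_fail"
}

# Usage: sh preflight.sh [path/to/install.sh]
preflight "${1:-./install.sh}" || echo "Resolve the items above before installing."
```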
To verify the client installation, click or right-click the Symantec Endpoint Protection yellow shield and then click Open Symantec Endpoint Protection. The location of the yellow shield varies by Linux version. The client user interface displays information about program version, virus definitions, server connection status, and management.
Under the Clients tab you can verify the Linux client status.
Linux settings under Virus & Spyware policies:
The following commands can be issued on the Linux machine from the SEPM console.
1) Scan
2) Update Content
3) Update Content & Scan
4) Enable Auto-Protect
I hope it's helpful!