DLP Detection Server setup and manual Upgrade
Purpose
The purpose of this walkthrough is to help others install a DLP detection server and then manually upgrade the agent version. After trying to find some documentation and failing, I thought it would be worth properly documenting the process along with screenshots.
Environment
WinSCP
Symantec DLP
MobaXterm
Red Hat Linux 7.5
Setting up Detection Server
1. Copy ProtectInstaller64_15.0.sh to /opt/temp using WinSCP.
2. Give the temp folder 0777 permissions and set them recursively.
3. SSH into your Linux server and go to the /opt/temp directory (cd /opt/temp).
4. Run ./ProtectInstaller64_15.0.sh (if you don’t have X11 forwarding set up, use ./ProtectInstaller64_15.0.sh -c instead). In this instance we are using X11 forwarding, so you will see the box below.
5. Click next and accept the License Agreement.
6. After you have accepted the agreement you will be prompted for which component you want to install. Select ‘Detection’ and click next as per image below.
7. If your server is in a hosted environment such as AWS or Azure then tick the box; if it is on-premise then don’t check the box, as per image below.
8. On the next screen, ‘Destination Directory’, click next.
9. On the next screen uncheck the symlinks option and click next as per image below.
10. We now need to set the password for protect. Do this and click next as per image below.
11. Accept the default transport config and press next as per image below.
12. Setup will now complete on its own. When setup is finished you will be asked if you want to start Symantec DLP Services; leave this option ticked and press finish as per image below.
13. Now that we have installed the detection server we need to register it with the enforce server. To do this, log on to your enforce server. Once you’re logged in, navigate to ‘System-Servers & Detectors-Overview’ and click on the ‘Add Server’ button as per image below.
14. Select Software Server. In this instance I will be adding a ‘Network Discover/Cloud Storage Discover’. Click next as per image below.
15. Next add in your server details as per the image below. Once you have entered the details press save.
16. The detection server will be added and the service will start automatically as per the image below.
Version Upgrade
As you can see in the above image we need to update the Discovery server to the latest version. To do this you will need to download the update from Symantec. Once you have downloaded the file:
1. Unzip the file that has just been downloaded. Using WinSCP, copy the file (15.0.01_Upgrader_Linux.jar) to /opt/SymantecDLP/Protect/updates/DetectionUpgradePackages, set the permissions to 0777 and check the ‘Set group, owner and permissions recursively’ option as per image below.
2. SSH into your detection server and change to the following directory: cd /opt/SymantecDLP/Protect/updates/DetectionUpgradePackages
3. Next run unzip 15.0.01_Upgrader_Linux.jar in the DetectionUpgradePackages directory.
4. Once you have unzipped the .jar file above, run unzip 15_0_01LinuxDetectionUpgradePackage.jar and when prompted enter ‘A’.
5. Now that both .jar files have been unzipped we need to set the permissions. Use chmod -R a+x /opt/SymantecDLP/Protect/updates/DetectionUpgradePackages
6. We now need to change user to protect. Do this by using su - protect
7. We will now start the upgrade of the Discover server by typing ./start_local_upgrade.sh (if you don’t have X11 forwarding set up you can use ./start_local_upgrade.sh -c). In this instance I am using X11 forwarding. When you press enter you will be prompted with the setup wizard as per image below; press next.
8. Accept the default as per the image below and press next
9. The upgrader will stop the services and back up the server before it continues to run the update. This could take a few minutes.
10. Once the upgrade is finished you will see the image below; press Finish.
11. Once you have finished you will need to restart the Vontu services. You can either start them manually or reboot the server. To start the services manually, cd /opt/SymantecDLP/Protect/bin and start the services in this order:
./VontuMonitor.sh start
./VontuUpdate.sh start
12. Log back into your enforce server and go to ‘System – Servers & Detectors – Overview’. You should now see that your server is updated as per the image below.
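Both procedures above set a directory to 0777 recursively, which leaves the installer and the upgrade packages writable by every local account on the server. The script below is an added example, not part of the original walkthrough or of Symantec's tooling, that lists what is still world-writable under those two paths once the upgrade is done; the function names and the --audit switch are hypothetical.

```shell
#!/bin/sh
# Added example: not from the original walkthrough or from Symantec.
# Function names are hypothetical; the two paths are the ones used above.

# Print an `ls -ld` line for every world-writable file or directory under
# the given directories. Symlinks are skipped because their own mode bits
# are not enforced. Returns 0 if nothing was found, 1 if something was,
# 2 if called without arguments.
list_world_writable() {
    if [ "$#" -eq 0 ]; then
        echo "usage: list_world_writable DIR..." >&2
        return 2
    fi
    lww_out=$(
        for lww_dir in "$@"; do
            if [ ! -d "$lww_dir" ]; then
                echo "skip: $lww_dir is not a directory" >&2
                continue
            fi
            # -perm -0002: "other" write bit set; -xdev: stay on one filesystem
            find "$lww_dir" -xdev ! -type l -perm -0002 -exec ls -ld {} +
        done
    )
    if [ -z "$lww_out" ]; then
        return 0
    fi
    printf '%s\n' "$lww_out"
    return 1
}

# Number of world-writable entries (assumes no newlines in file names).
count_world_writable() {
    list_world_writable "$@" 2>/dev/null | wc -l | tr -d ' '
}

# Audit the two directories this walkthrough set to 0777.
audit_dlp_dirs() {
    list_world_writable /opt/temp \
        /opt/SymantecDLP/Protect/updates/DetectionUpgradePackages
}

# Run the audit only when asked, e.g.: sh audit.sh --audit
if [ "${1:-}" = "--audit" ]; then
    audit_dlp_dirs
fi
```

Run it as root so find can read every subdirectory; a non-zero exit status means at least one entry is still writable by all users.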
I hope that anyone who comes across this document finds it helpful and resourceful. If you have any questions then please feel free to ask.
Thanks