Generating agent installation packages for Symantec DLP

Run another search:
You are here:
< Back

 

1. Navigate to the Agent Packaging page.

Log on to the Enforce Server administration console as an administrator and navigate to the System > Agents > Agent Packaging page.

 

2. Select one or more DLP Agent installation files.

Browse to the folder on the Enforce Server where you copied the agent installer files:

Windows 64-bit: AgentInstall64_15_0.msi

Windows 32-bit: AgentInstall_15_0.msi

Mac 64-bit: AgentInstall_15_0.pkg

3. Select the agent version. Select an item in the Select the agent version list that matches the agent installer files you selected.

You must select 32- and 64-bit installation files that match the agent version you selected. For example, selecting a version 14.6 32-bit and a version 15.0 64-bit installation file while selecting Version 15.0 in the list is unsupported. Selecting mis-matched versions prevents agents from installing on endpoints.

 

4. Enter the server host name. Typically you enter the common name (CN) of the Endpoint Server host, or you can enter the IP address of the server.

Be consistent with the type of identifier you use (CN or IP). If you used the CN for the Endpoint Server when deploying it, use the same CN for the agent package. If you used an IP address to identify the Endpoint Server, use the same IP address for the agent package.

Alternatively, you can enter the CN or IP address of a load balancer server.

 

5. Enter the port number for the server.

The default port is 10443. Typically you do not need to change the default port unless it is already in use or intended for use by another process on the server host.

 

6. Add additional servers (optional).

Click the plus sign icon to add additional servers for failover.

Symantec Data Loss Prevention allots 2048 characters for Endpoint Server names. This allotment includes the characters that are used for the Endpoint Server name, port numbers, and semicolons to delimit each server.

The first server that is listed is the primary; additional servers are secondary and provide backup if the primary is down.

See the topic “About Endpoint Server redundancy” in the Symantec Data Loss Prevention Installation Guide.

 

7. Enter the Endpoint tools password.

A password is required to use the Endpoint tools to administer DLP Agents. The Endpoint tools password is case-sensitive. The password is encrypted and stored in a file on the Enforce Server. You should store this password in a secure format of your own so that it can be retrieved if forgotten.

After installing agents, you can change the password on the Agent Password Management screen.

8. Re-enter the Endpoint tools password.

The system validates that the passwords match and displays a message if they do not.

 

9. Enter the target directory for the agent installation (Windows only).

The default installation directory for Windows 32- and 64-bit agents is %PROGRAMFILES%\Manufacturer\Endpoint Agent. Change the default path if you want to install the Windows agent to a different location on the endpoint host. You can only install the DLP Agent to an ASCII directory using English characters. Using non-English characters can prevent the DLP Agent from starting and from monitoring data in some scenarios.

Include the drive letter if you plan to change the default directory. For example, use C:\Endpoint Agent. Not including a drive letter causes the agent installation to fail.

The target directory for the Mac agent is set by default.

10. Enter the uninstall password (optional, Windows only).

The agent uninstall password is supported for Windows agents. The uninstall password is a tamper-proof mechanism that requires a password to uninstall the DLP Agent.

The password is encrypted and stored in a file on the Enforce Server. You should store this password in a secure format of your own so that it can be retrieved if forgotten.

See the topic “About uninstallation passwords” in the Symantec Data Loss Prevention Installation Guide.

After installing agents, you can change the password on the Agent Password Management screen.

11. Re-enter the uninstall password.

The system validates that the passwords match and displays a message if they do not.

 

12. Click Generate Installer Packages.

This action generates the agent installer package for each platform that you selected in step 3.

If you generate more than one package the generation process may take a few minutes.

 

13. Save the agent package zip file.

When the agent packaging process is complete, the system prompts you to download the agent installation package. Save the zip file to the local file system. After you save the file you can navigate away from the Agent Packaging screen to complete the process.

If you generated a single agent package, the zip file is named one of the following corresponding to the agent installer you uploaded:

AgentInstaller_Win64.zip

AgentInstaller_Win32.zip

AgentInstaller_Mac64.zip

If you upload more than one agent installer, the package name is AgentInstallers.zip. In this case, the zip file contains separate zip files for each agent package for each platform you selected in step 23.

14.Install DLP Agents using the agent package.

Once you have generated and downloaded the agent package, you use it to install all agents for that platform.

See the topic “DLP Agent installation overview” in the Symantec Data Loss Prevention Installation Guide.

Was this article helpful?
0 out Of 5 Stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
How can we improve this article?