Pls check my previous blogs for the DSM , Relay Server , vShield Endpoint, Filter Driver and DSVA installation and all its features.In this Blog we will see the Deep Security Agent functions and steps involved to install it in Linux and Physical Windows Server.
Deep Security Agent : Non-Windows VMs (such as Linux), the agent is deployed directly to the VM’s OS computer, providing Intrusion Prevention, Firewall, Web Application Protection, Application Control, Integrity Monitoring and Log Inspection protection. This is the traditional client-server deployment model and the agent could be included within the imaging process or pushed out from the DSM.
Deep Security Agent
◦ with Anti-Malware protection: 512MB
◦ without Anti-Malware protection: 128MB
- Disk Space: 1GB
◦ with Anti-Malware protection: 1GB
◦ without Anti-Malware protection: 500MB
◦ with Relay functionality enabled: 8GB
- Supported Platforms: Windows, Linux, Solaris, AIX, HP-UX, CloudLinux, Amazon Lin ux, Oracle Linux, Ubuntu, SuSE.
Like DSVA make sure the PORTS are open in firewall between Linux installed agent server and DSM\Relay server.
DSM –> DSA installed Linux Server
port used: 4118 for manager initiated communication
DSA installed Linux Server–> DSM
port used: 4120 for agent initiated communiction
DSA installed Linux Server –> Relay
Port used: 4122 for sending updates etc
Pls check the below link for kernel support by Trend.
Installation Steps of DSA in Linux Server.
In Linux Server pls follow the below steps to install the agant.
Go to the linux machine –
Copy the rpm file to the Linux machine.
Install the agent. #rpm -ivh filename.rpm
After the installation, check the status of the ds_agent. #service ds_agent status
Activate the machine using the Deep Security Web Console.
If the machine shows managed (online) status, then proceed to assign a security policy with anti-malware feature enabled.
Wait for a few minutes and see if anti-malware protection comes online.
Anti-Malware Engine offline after DSA instillation.
Once the DSA Installation is completed , Linux Server have to report to DSM with Anti-Malware Engine online , In case if its showing offline then check the Relay Server service and also thethe above mentioned ports between Linux server and Relay Server . If port is open but still the engine is offline then follow the below method to fix the same.
. Unassign the Security Policy from the machine
De-activate the agent.
Go to the linux machine, uninstall the ds_agent and Re-install with the same installation steps.
DSA Additional Information:
We can see Deep Security Agent releted files in the below path.
Go to cd\opt\ds_agent
To get logs related to DSA Under log :
more messages | grep filter
To get the Installation related files:
rpm -ql ds_agent.
DSA Installation on Windows Physical Machines , Its very straight froward , just down load the latest agent from the local in DSM and start the installation like below.
Once the installation is completed , we can see the icon in the status bar and also the agent in the services..
In My Next Blog we can see the Installation and function of Trend Smart Protection Server.