Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Creating a Deep Security Agent (DSA) gold image for Linux

    • Updated:
    • 9 Jan 2014
    • Product/Version:
    • Deep Security 9.0
    • Platform:
    • Linux - Red Hat RHEL 5 32-bit
    • Linux - Red Hat RHEL 5 64-bit
    • Linux - Red Hat RHEL 6 32-bit
    • Linux - Red Hat RHEL 6 64-bit
    • Linux - SuSE 10
    • Linux - SuSE 11
Summary
There are two options when deploying a DSA on a Linux image:
  • Deploy the Agent during reprovisioning.
  • Deploy the Agent before reprovisioning.
Details
Public
Option A: Deploy the DSA when the image is reprovisioned.
In this method:
  • The Agent is installed as part of the startup script when deploying a new gold image.
  • The Generate Deployment Scripts functionality is used to deploy the DSA on a Linux image. It is the preferred method and involves less scripting.
Do the following on the Deep Security Manager (DSM) console:
  1. Click the Administration tab in the top section and then click Updates in the left sidebar.
  2. If the Linux agent is not listed, click the Import Software button, and then import the Agent into the DSM from the location of your downloaded copy.
  3. Click the View Imported Software button at the bottom part of the console.
  4. Select the Linux agent and then click the Generate Deployment Scripts button.
    You can set the script to automatically activate the Agent after the deployment and set a specific policy for the Agent.
  5. Include the generated deployment script in a startup script and place it on your GOLD Linux image.
For a cleaner process, we suggest deleting the startup script after running it.
Option B: Deploy the DSA before the image is reprovisioned.
In this method, the DSA is already installed but not yet activated. Some scripting is required to start and activate the Agent.
Perform the following on the gold image before reprovisioning:
  1. Install the DSA software on the image.
  2. Stop the ds_agent process.
  3. Delete all the DB, INI, and CRT files.
  4. Place a startup script on the image that would start the ds_agent as well as activate the agent using the dsa_config command.
  5. Stop the gold image.
When the Linux image is provisioned, the startup script would need to run to start and then activate the agent.
In case you encounter issues with DSA activation, refer to this KB article: Event ID 705: Activation Failed appears when activating the Deep Security Agent (DSA)
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy; Install
Solution Id:
1099721
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.