Perform the following procedure to install Linux agents on endpoints.
Prerequisites
The following procedure assumes you have already:
- uploaded agent and rule packages as described in Uploading Agent Installers and Rules to the Server.
- created one or more security policies for your agents as described in "Creating and Configuring Policies" in the Carbon Black App Control User Guide.
- downloaded the appropriate installer as described in Downloading Agent Installers.
- For AD-based policy assignment, use an installer for any policy with automatic policy assignment enabled.
- The same downloaded agent installer can be used on multiple endpoints, and can also be distributed to endpoints via SSH or other distribution mechanisms.
- If you intend to use SecureBoot, make sure the endpoint is prepared before installing the Linux Agent. See: Enable Secure Boot for Linux Agents
Note: SecureBoot is only available with Linux Agent 8.8.0+.
In addition, make sure that the user account being used to install the agent has administrative rights, or that the user can use sudo.
Before you install the
Carbon Black App Control agent on the Red Hat Enterprise Linux 9.0 Endpoint:
- Install the initscripts RPM manually or connect the host to Red Hat network.
- Upgrade the Carbon Black App Control server to version 8.9.0 or later.
- If you are using a Carbon Black App Control server deployed on Windows Server 2012, please update the DH modulus to 2048 bytes as described in https://learn.microsoft.com/en-us/security-updates/SecurityAdvisories/2016/3174644.
Procedure
What to do next
See "Endpoint Notifiers and Approval Requests" in the Carbon Black App Control User Guide for a description of what the user sees on an endpoint that is protected by the agent.