If you are installing Carbon Black Cloud Windows sensors into an environment that is comprised of Horizon full clones only, use the following installation method.

Important:

Previous installation use of a post-synchronization script (batch file) is no longer necessary. If you are upgrading to Horizon 7.13+ from a previous Horizon version, you must remove the batch file that had previously been inserted into the golden image. Failure to remove the script will cause multiple re-registrations of the same device.

Do not run repcli reregister now or repcli reregister onrestart commands on the golden image. Either command turns the golden image into a clone, which might deregister the golden image if autoderegister is set and a time-out has occurred. Deregistration of the golden image results in clones being unable to reregister.

Prerequisites

See Carbon Black Windows Sensor Policy Setting Recommendations for Horizon Full Clones before installing the sensor.

Procedure

  1. Create the golden image VM for the clone pool deployment. Perform required Windows updates and install the required VMware Tools and Horizon Agent.
  2. Install the sensor on the golden image:
    • If you are using Horizon versions 7.13+ or 8.0+ and Carbon Black Cloud sensor 3.6+, no additional configuration is required. In this case, the sensor uses a Horizon Agent-provided registration key to perform reregistration on the clone:
      msiexec.exe /q /i <Sensor Installer Path> /L*v msi.log COMPANY_CODE="XYZABC" CLI_USERS=<UserGroupSid>POLICY_NAME="<NAME Virtual Policy>"
      Note: The instant clone agent now sets the following registry value to a unique GUID when IT/replica/clone nga customization begins. Each clone has a unique value:
      Key: HKLM\Software\VMware, Inc.\ViewComposer\ga\AgentIntegration 
      Type: REG_SZ 
      Value: CustomizationStarted 
    • If you are using a Horizon version Pre-7.13, 8.0 and Windows sensor 3.7 MR2+, add the “AUTO_REREGISTER_FOR_VDI_CLONES=3" install flag:
      msiexec.exe /q /i <Sensor Installer Path> /L*v msi.log COMPANY_CODE="XYZABC" CLI_USERS=<UserGroupSid> AUTO_REREGISTER_FOR_VDI_CLONES=3 POLICY_NAME="<NAME Virtual Policy>" 
      
      Note:

      <Sensor Installer Path>: Replace this value with the location of the sensor MSI file; for example, c:\tmp\installer_win-64-3.8.0.627.msi.

      CLI_USERS= <UserGroupSid>: This parameter on the golden image enables RepCLI usage on the clones. The value is the Security Identifier (SID) of the user account/group that will run RepCLI commands on the clones.

      Policy_NAME: Indicates the policy name that has the necessary exclusions and configurations to apply to the golden image. For Carbon Black Cloud sensors that are on versions prior to 3.8, use GROUP_NAME parameter instead.

      See Installing Windows Sensors on Endpoints and Windows Sensor Supported Commands. For more information about RepCLI, see Managing Sensors by using RepCLI in the VMware Carbon Black Cloud on AWS GovCloud (US) User Guide.

  3. Optional (Recommended). Complete a background scan on the golden image to optimize clone performance.
    1. In the Carbon Black Cloud console, click Enforce > Policies, select the policy, and click the Sensor tab.
    2. Select the Run background scan option and select Expedited scanning.
    3. Click Save.
    4. You can track scan progress by running the repcli status command. The output will be similar to the following:
      General Info:
         Sensor Version[3.7.0.1473 - Sep 29 2021 - 20:34:38]
         Local Scanner Version[ - ]
         Disk Filter Version[3.7.0.1473]
         CbShared[104365] Policy[1269] FileAnalysis[386] Proto[548]
         Sensor State[Enabled]
         Details[LiveResponse:NoSession, LiveResponse:NoKillSwitch, LiveResponse:Disabled, SvcStable]
         DeviceHash[31dbad895ab7161f1f53bed2f4e3fa49ac64de98935b03752b53a407f65d9ea2]
         DeviceID[26365289]
         VirtualGuestToHostCommsStatus[Disconnected]
         ExternalIdentity[Not Available]
         Kernel File Filter[Connected]
         LastUser[Device\user]
         Background Scan [Complete]
         Total Files Processed[52581] Current Directory[None]
  4. Optional: Update the device signature of the golden image by running the repcli updateAVSignature command.
  5. Reboot the golden image to apply full ransomware protections (Windows sensor versions 3.7+).
  6. Shut down the golden image. In the Horizon console, convert the golden image into the template VM. Create a full clone pool using the golden VMTemplate.
  7. New full clones will register with a new Device ID in the Carbon Black Cloud console after the pool becomes available. Confirm that newly provisioned clones have registered and are assigned the correct policy.