Guest Introspection supports File Introspection in Linux for anti-virus only. To protect Linux VMs using a Guest Introspection security solution, you must install the Guest Introspection thin agent.

About this task

The Linux thin agent is available as part of the VMware Tools operating system specific packages (OSPs). Installing VMware Tools is not required. Linux thin agent installation and upgrade is not connected to NSX installation and upgrade. Also, Enterprise or Security Administrator (non-NSX Administrator) can install the agent on guest VMs outside of NSX.

To install Linux thin agent on RHEL or SLES systems, use the RPM package. To install Linux thin agent on Ubuntu systems, use the DEB package.

For Windows instructions, see Install the Guest Introspection Thin Agent on Windows Virtual Machines.

Prerequisites

  • Ensure that the guest virtual machine has a supported version of Linux installed:

    • Red Hat Enterprise Linux (RHEL) 7 GA (64 bit)

    • SUSE Linux Enterprise Server (SLES) 12 GA (64 bit)

    • Ubuntu 14.04 LTS (64 bit )

  • Verify GLib 2.0 is installed on the Linux VM.

Procedure

Based on your Linux operating system, perform the following steps with root privilege:
  • For Ubuntu systems:

    1. Obtain and import the VMware packaging public keys using the following commands:

      curl -O https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub
      
      apt-key add VMWARE-PACKAGING-GPG-RSA-KEY.pub

    2. Create a new file named vm.list file under /etc/apt/sources.list.d.

    3. Edit the file with the following content:

      vi /etc/apt/sources.list.d/vm.list
      deb https://packages.vmware.com/packages/ubuntu/ trusty main

    4. Now, install the package as follows:

      apt-get update
      apt-get install vmware-nsx-gi-file

  • For RHEL7 systems:

    1. Obtain and import the VMware packaging public keys using the following commands:

      curl -O https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub
      
      rpm --import VMWARE-PACKAGING-GPG-RSA-KEY.pub

    2. Create a new file named vm.repo file under /etc/yum.repos.d.

    3. Edit the file with the following content:

      vi /etc/yum.repos.d/vm.repo
      [vm]
      name = VMware
      baseurl = https://packages.vmware.com/packages/rhel7/x86_64
      enabled = 1
      gpgcheck = 1
      metadata_expire = 86400
      ui_repoid_vars = basearch
      

    4. Now, install the package as follows:

      yum install vmware-nsx-gi-file

  • For SLES systems:

    1. Obtain and import the VMware packaging public keys using the following commands:

      curl -O https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub
      
      rpm --import VMWARE-PACKAGING-GPG-RSA-KEY.pub

    2. Add the following repository:

      zypper ar -f "https://packages.vmware.com/packages/sle12/x86_64/" VMware

    3. Now, install the package as follows:

      zypper install vmware-nsx-gi-file

What to do next

Check if the thin agent is running using the service vsepd status command with the administrative privileges. The status should be running.