Install the Linux Thin Agent for Network Introspection

Install the Linux thin agent to introspect network traffic. The network introspection driver will be used by NSX Malware Prevention functionality to introspect traffic for any malware.

Important: To protect guest VMs against antivirus, you do not need to install the Linux thin agent for network introspection.

The Linux thin agent driver that is used to introspect network traffic depends on an open-source driver.

Prerequisites

Install the following packages:

glib2
libnetfilter-conntrack3/ libnetfilter-conntrack
libnetfilter-queue1/ libnetfilter-queue
iptables

Procedure

(Ubuntu)
1. To install the open-source driver provided by guest introspection, add following in /etc/apt/sources.list as the base URL for your operating system.
```
deb [arch=amd64] https://packages.vmware.com/guest-introspection-for-vmware-nsx/latest/ubuntu xenial main
```
2. Import the VMware packaging key.
```
curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
apt-key add VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
```
3. Update the repository and install the open-source driver.
```
apt-get install guest-introspection-for-vmware-nsx
```
4. To install the Linux thin agent that is used to introspect file and or network traffic.
  - To install file and network introspection packages, select vmware-nsx-gi package in step g.
  - To install network introspection packages, select the vmware-nsx-gi-net package in step g.
5. Create /etc/apt/sources.list.d/gi.list and add following URL as the base URL for your operating system depending upon the distro.
```
deb [arch=amd64] http://packages.vmware.com/packages/nsx-gi/latest/ubuntu xenial main
```
  Or
```
deb [arch=amd64] http://packages.vmware.com/packages/nsx-gi/latest/ubuntu focal main
```
6. Import the VMware packaging key.
```
curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
apt-key add VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
```
7. Install one of the following drivers.
```
apt-get install vmware-nsx-gi
apt-get install vmware-nsx-gi-net
```

(RHEL)

To install the open-source driver provided by guest introspection, create /etc/yum.repos.d/gi.repo file and add following in the file.

[nsx-gi] 
name=nsx-gi 
baseurl=https://packages.vmware.com/guest-introspection-for-vmware-nsx/1.2.0.0/rhel/x86_64/ 
enabled=1 
gpgcheck=1

Import the VMware packaging key.

curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
rpm --import VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub

Update the repository and install the open-source driver.
```
yum install Guest-Introspection-for-VMware-NSX  
```
To install the Linux thin agent that is used to introspect file and or network traffic.
- To install file and network introspection packages, select vmware-nsx-gi package in step g.
- To install network introspection packages, select the vmware-nsx-gi-net package in step g.

Create /etc/yum.repos.d/vm.repo file and add following:

[vmware] 
name = VMware 
baseurl = http://packages.vmware.com/packages/nsx-gi/latest/rhel/x86_64 
enabled = 1 
gpgcheck = 1 
metadata_expire = 86400 
ui_repoid_vars = basearch

Import the VMware packaging key.

https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub

Install drivers.

yum install vmware-nsx-gi
yum install vmware-nsx-gi-net

(SLES)

To install the open-source driver provided by guest introspection, create /etc/yum.repos.d/gi.repo file and add following in the file.

[nsx-gi] 
name=nsx-gi 
baseurl=https://packages.vmware.com/guest-introspection-for-vmware-nsx/1.2.0.0/sles/x86_64/ 
enabled=1 
gpgcheck=1

Import the VMware packaging key.

curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
rpm --import VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub

Update the repository and install the open-source driver.
```
zypper install Guest-Introspection-for-VMware-NSX
```
To install the Linux thin agent that is used to introspect file and/or network traffic.
- To install file and network introspection packages, select vmware-nsx-gi package in step g.
- To install network introspection packages, select the vmware-nsx-gi-net package in step g.

Create /etc/yum.repos.d/vm.repo file and add following:

[vmware] 
name = VMware 
baseurl = http://packages.vmware.com/packages/nsx-gi/latest/sles/x86_64 
enabled = 1 
gpgcheck = 1 
metadata_expire = 86400 
ui_repoid_vars = basearch

Import the VMware packaging key.

https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub

Install drivers.

zypper install vmware-nsx-gi
zypper install vmware-nsx-gi-net

(CentOS)

To install the open-source driver provided by guest introspection, create /etc/yum.repos.d/gi.repo file and add following in the file.

[nsx-gi]
name=nsx-gi
baseurl=https://packages.vmware.com/guest-introspection-for-vmware-nsx/1.2.0.0/centos/x86_64/
enabled=1
gpgcheck=1

Import the VMware packaging key.

curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
rpm --import VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub

Update the repository and install the open-source driver.
```
yum install Guest-Introspection-for-VMware-NSX
```
To install the Linux thin agent that is used to introspect file and or network traffic.
- To install file and network introspection packages, select vmware-nsx-gi package in step g.
- To install network introspection packages, select the vmware-nsx-gi-net package in step g.

Create /etc/yum.repos.d/vm.repo file and add following:

[vmware] 
name = VMware 
baseurl = http://packages.vmware.com/packages/nsx-gi/latest/centos/x86_64 
enabled = 1 
gpgcheck = 1 
metadata_expire = 86400 
ui_repoid_vars = basearch

Import the VMware packaging key.

https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub

Install drivers.

yum install vmware-nsx-gi
yum install vmware-nsx-gi-net