Install the Linux thin agent to introspect network traffic. The network introspection driver will be used by NSX Malware Prevention functionality to introspect traffic for any malware.

Important: To protect guest VMs against antivirus, you do not need to install the Linux thin agent for network introspection.

The Linux thin agent driver that is used to introspect network traffic depends on an open-source driver.

Prerequisites

Install the following packages:
  • glib2
  • libnetfilter-conntrack3/ libnetfilter-conntrack
  • libnetfilter-queue1/ libnetfilter-queue
  • iptables

Procedure

  1. (Ubuntu)
    1. To install the open-source driver provided by guest introspection, add following in /etc/apt/sources.list as the base URL for your operating system.
      deb [arch=amd64] https://packages.vmware.com/guest-introspection-for-vmware-nsx/latest/ubuntu xenial main
    2. Import the VMware packaging key.
      curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
      apt-key add VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
    3. Update the repository and install the open-source driver.
      apt-get install guest-introspection-for-vmware-nsx
    4. To install the Linux thin agent that is used to introspect file and or network traffic.
      • To install file and network introspection packages, select vmware-nsx-gi package in step g.
      • To install network introspection packages, select the vmware-nsx-gi-net package in step g.

    5. Create /etc/apt/sources.list.d/gi.list and add following URL as the base URL for your operating system depending upon the distro.
      deb [arch=amd64] http://packages.vmware.com/packages/nsx-gi/latest/ubuntu xenial main

      Or

      deb [arch=amd64] http://packages.vmware.com/packages/nsx-gi/latest/ubuntu focal main
    6. Import the VMware packaging key.
      curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
      apt-key add VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
    7. Install one of the following drivers.
      apt-get install vmware-nsx-gi
      apt-get install vmware-nsx-gi-net
  2. (RHEL)
    1. To install the open-source driver provided by guest introspection, create /etc/yum.repos.d/gi.repo file and add following in the file.
      [nsx-gi] 
      name=nsx-gi 
      baseurl=https://packages.vmware.com/guest-introspection-for-vmware-nsx/1.2.0.0/rhel/x86_64/ 
      enabled=1 
      gpgcheck=1 
    2. Import the VMware packaging key.
      curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
      rpm --import VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
    3. Update the repository and install the open-source driver.
      yum install Guest-Introspection-for-VMware-NSX  
    4. To install the Linux thin agent that is used to introspect file and or network traffic.
      • To install file and network introspection packages, select vmware-nsx-gi package in step g.

      • To install network introspection packages, select the vmware-nsx-gi-net package in step g.

    5. Create /etc/yum.repos.d/vm.repo file and add following:
      [vmware] 
      name = VMware 
      baseurl = http://packages.vmware.com/packages/nsx-gi/latest/rhel/x86_64 
      enabled = 1 
      gpgcheck = 1 
      metadata_expire = 86400 
      ui_repoid_vars = basearch
    6. Import the VMware packaging key.
      https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
    7. Install drivers.
      yum install vmware-nsx-gi
      yum install vmware-nsx-gi-net
  3. (SLES)
    1. To install the open-source driver provided by guest introspection, create /etc/yum.repos.d/gi.repo file and add following in the file.
      [nsx-gi] 
      name=nsx-gi 
      baseurl=https://packages.vmware.com/guest-introspection-for-vmware-nsx/1.2.0.0/sles/x86_64/ 
      enabled=1 
      gpgcheck=1 
    2. Import the VMware packaging key.
      curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
      rpm --import VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
    3. Update the repository and install the open-source driver.
      zypper install Guest-Introspection-for-VMware-NSX
    4. To install the Linux thin agent that is used to introspect file and/or network traffic.
      • To install file and network introspection packages, select vmware-nsx-gi package in step g.

      • To install network introspection packages, select the vmware-nsx-gi-net package in step g.

    5. Create /etc/yum.repos.d/vm.repo file and add following:
      [vmware] 
      name = VMware 
      baseurl = http://packages.vmware.com/packages/nsx-gi/latest/sles/x86_64 
      enabled = 1 
      gpgcheck = 1 
      metadata_expire = 86400 
      ui_repoid_vars = basearch
    6. Import the VMware packaging key.
      https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
    7. Install drivers.
      zypper install vmware-nsx-gi
      zypper install vmware-nsx-gi-net
  4. (CentOS)
    1. To install the open-source driver provided by guest introspection, create /etc/yum.repos.d/gi.repo file and add following in the file.
      [nsx-gi]
      name=nsx-gi
      baseurl=https://packages.vmware.com/guest-introspection-for-vmware-nsx/1.2.0.0/centos/x86_64/
      enabled=1
      gpgcheck=1
    2. Import the VMware packaging key.
      curl -O https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub 
      rpm --import VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
    3. Update the repository and install the open-source driver.
      yum install Guest-Introspection-for-VMware-NSX
    4. To install the Linux thin agent that is used to introspect file and or network traffic.
      • To install file and network introspection packages, select vmware-nsx-gi package in step g.

      • To install network introspection packages, select the vmware-nsx-gi-net package in step g.

    5. Create /etc/yum.repos.d/vm.repo file and add following:
      [vmware] 
      name = VMware 
      baseurl = http://packages.vmware.com/packages/nsx-gi/latest/centos/x86_64 
      enabled = 1 
      gpgcheck = 1 
      metadata_expire = 86400 
      ui_repoid_vars = basearch
    6. Import the VMware packaging key.
      https://packages.vmware.com/packages/nsx-gi/keys/VMWARE-PACKAGING-NSX-GI-GPG-RSA-KEY.pub
    7. Install drivers.
      yum install vmware-nsx-gi
      yum install vmware-nsx-gi-net