Install the agent

Topics:

Install the agent manually

Before you begin, make sure you have:

  1. Reviewed the agent's system requirements. See Deep Security Agent requirements.
  2. Windows only: Coexistence of Deep Security Agent with Microsoft Defender Antivirus
  3. Allowed inbound and outbound communication to and from the agent on the appropriate port numbers. See Deep Security port numbers.
  4. Imported the agent software into the manager. See Import agent software.
  5. Exported the agent software from the manager. See Export the agent installer.

Next, install the agent. Follow the instructions for your platform.

  1. Copy the agent ZIP to the computer and extract it.

  2. Double-click the installation file (.MSI file) to run the installer package.

    On Windows Server 2012 R2 Server Core, launch the installer using this command instead: msiexec /i Agent-Core-Windows-12.x-xxxx.x86_64.msi
  3. At the Welcome screen, click Next to begin the installation.
  4. End-User License Agreement: If you agree to the terms of the license agreement, select I accept the terms of the license agreement and click Next.
  5. Destination Folder: Select the location where you would like Deep Security Agent to be installed and click Next.
  6. Ready to install Trend Micro Deep Security Agent: Click Install to proceed with the installation.
  7. Completed: when the installation has completed successfully, click Finish.

The Deep Security Agent is now installed and running on this computer, and will start every time the machine boots.

When installing the agent on Windows 2012 Server Core, the notifier will not be included.
During an install, network interfaces will be suspended for a few seconds before being restored. If you are using DHCP, a new request will be generated, potentially resulting in a new IP address for the restored connection.

Installation on Amazon WorkSpaces

  • If you are unable to install Deep Security Agent .msi file due to error code ‘2503’ then you must do one of the following:
    • Edit your C:\Windows\Temp folder and allow the write permission for your user
      OR
    • Open the command prompt as an administrator and run the .msi file

Amazon has fixed this issue for newly-deployed Amazon WorkSpaces.

Installation on Windows 2012 Server Core

  • Deep Security does not support switching the Windows 2012 server mode between Server Core and Full (GUI) modes after the Deep Security Agent is installed.
  • If you are using Server Core mode in a Hyper-V environment, you will need to use Hyper-V Manager to remotely manage the Server Core computer from another computer. When the Server Core computer has the Deep Security Agent installed and Firewall enabled, the Firewall will block the remote management connection. To manage the Server Core computer remotely, turn off the Firewall module.
  • Hyper-V provides a migration function used to move a guest VM from one Hyper-V server to another. The Deep Security Firewall module will block the connection between Hyper-V servers, so you will need to turn off the Firewall module to use the migration function.
  1. Copy the agent ZIP to the computer and extract it.
  2. Install the agent.

    # sudo rpm -i <package name>

    Preparing... ########################################## [100%]

    1:ds_agent ########################################## [100%]

    Loading ds_filter_im module version ELx.x [ OK ]

    Starting ds_agent: [ OK ]

    The Deep Security Agent will start automatically upon installation.

  1. Copy the agent ZIP to the computer and extract it.

  2. Install the agent.

    sudo dpkg -i <installer deb file>

To start, stop, or reset the agent:

Using SysV init scripts:

  • Start: : /etc/init.d/ds_agent start
  • Stop: /etc/init.d/ds_agent stop
  • Reset: /etc/init.d/ds_agent reset
  • Restart: /etc/init.d/ds_agent restart
  • Display status: svcs -a | grep ds_agent

Using systemd commands:

  • Start: systemctl start ds_agent
  • Stop: systemctl stop ds_agent
  • Restart: systemctl restart ds_agent
  • Display status: systemctl status ds_agent

The Deep Security Agent installation is only supported in the global zone.

Solaris requires the following libraries to be installed to support Deep Security Agent:

Solaris 10: SUNWgccruntime

Solaris 11.0 - 11.3: gcc-45-runtime

Solaris 11.4: none; gcc-c-runtime version 7.3 is installed by default

  1. Copy the agent installer package to the computer where you want to install the agent.
  2. Unzip the ZIP file.
  3. Unzip the GZ file.

    gunzip <agent_GZ_file>

    The agent installer file (P5P or PKG) is now available.

  4. Install the agent. Some examples of installation commands are provided below. Alter the commands to suit your Solaris version, Solaris zone, Solaris processor, and Deep Security agent package name.
    • On Solaris 11, with one zone, run the following command in the global zone:

      x86: pkg install -g file:///mnt/Agent-Solaris_5.11-xx.x.x-xxxx.x86_64/Agent-Core-Solaris_5.11-xx.x.x-xxxx.x86_64.p5p pkg:/security/ds-agent

      SPARC: pkg install -g file:///mnt/Agent-Solaris_5.11-xx.x.x-xxxx.sparc/Agent-Core-Solaris_5.11-xx.x.x-xxxx.sparc.p5p pkg:/security/ds-agent

    • On Solaris 11, with multiple zones, run the following command in the global zone:

      mkdir <path>

      pkgrepo create <path>

      pkgrecv -s file://<path_to_agent_p5p_file> -d <path> '*'

      pkg set-publisher -g <path> trendmicro

      pkg install pkg://trendmicro/security/ds-agent

      pkg unset-publisher trendmicro

      rm -rf <path>

    • On Solaris 10, run one of these commands:

      x86: pkgadd -G -d Agent-Core-Solaris_5.10_Ux-xx.x.x-xxx.x86_64.pkg

      SPARC: pkgadd -G -d Agent-Core-Solaris_5.10_Ux-xx.x.x-xxx.sparc.pkg

To start, stop, or reset the agent:

  • Start: svcadm enable ds_agent
  • Stop: svcadm disable ds_agent
  • Reset: /opt/ds_agent/dsa_control -r
  • Restart: svcadm restart ds_agent
  • Display status: svcs -a | grep ds_agent

To uninstall the agent on Solaris 11:

pkg uninstall pkg:/security/ds-agent

To uninstall the agent on Solaris 10:

pkgrm -v ds-agent

  1. Copy the agent ZIP to the computer and extract it. A GZ file becomes available.
  2. Move the GZ file to another location.
  3. Extract the GZ file using gunzip. A BFF file becomes available. This is the installer file.
  4. Copy the BFF file to the AIX computer.
  5. Place the BFF file in a temporary folder such as /tmp.
  6. Install the agent.

    /tmp> installp -a -d /tmp/<agent_BFF_file_name> ds_agent

    where <agent_BFF_file_name> is replaced with the name of the BFF installer file you extracted.

To start, stop, load, or unload the driver for the agent:

  • Start: startsrc -s ds_agent
  • Stop: stopsrc -s ds_agent
  • Load the driver: /opt/ds_agent/ds_fctrl load
  • Unload the driver: /opt/ds_agent/ds_fctrl unload

Before you begin:

  1. Ensure that you have helm v3 or newer installed.
  2. Make sure you have imported the agent software to Deep Security Manager. See Get Deep Security Agent software for details.
  3. Ensure that you have enabled agent-initiated activation (AIA). AIA is required if you want your deployment script to activate the agent after installation. See Activate and protect agents using agent-initiated activation and communication for details.

Installing the agent:

  1. From the Deep Security console, in the upper right corner, click Support > Deployment Scripts.
  2. Select OpenShift Agent Deployment.
  3. (optional) Select the options for Security Policy, Computer Group, Relay Group, Proxy to contact Deep Security Manager, and Proxy to contact Relay(s).
    The deployment script generator displays the script.
  4. Do one of the following:
    • Click Copy to Clipboard and paste the deployment script in your preferred deployment tool
    • Click Save to File.

Install the agent using other methods

If you don't want to install the agent manually, you can use one of the methods described below.

Post-installation tasks

After you install the agent, you must perform the following post-installation tasks, if they were not already completed as part of the installation process: