#Updated: 17th Oct'14
Hi,
This article will demonstrate how to install Symantec Endpoint Protection on Red Hat Linux machine.
The enterprise version of Symantec Endpoint Protection now includes the Symantec Endpoint Protection client for Linux. The Symantec Endpoint Protection client for Linux replaces the Symantec AntiVirus client for Linux and supports a greater range of distributions and kernels. Added distributions include Red Hat Enterprise Linux Server (RHEL) 6.5 and CentOS 6.5
SEP for Linux clients can now be managed by an RU5 SEPM, or later. Configuration enhancements have been made to the SEPM to allow policy creation for managed Linux clients. This includes AV policy settings, centralized exceptions, and LiveUpdate settings. The SEPM also features enhanced reporting for Linux clients, including the SEP client version, host OS details, and hardware details.
There are certain requirements and pre-requisites to install Symantec Endpoint Protection for Linux.
1) Symantec Endpoint Protection requires a specific kernel on the system before installing Symantec AutoProtect package or otherwise you should compile your own kernel with our AutoProtect to ensure it will function properly. For a list of supported kernels please see:
If you use a version of a Linux distribution that uses a Symantec Endpoint Protection legacy kernel and need to troubleshoot issues with it, you would need to update the Linux distribution to use a supported kernel version and then reproduce the issue.
For example, Red Hat Enterprise Linux (RHEL) 6U5 2.6.32-431.el6.* is listed as a supported kernel, but you can also use version Red Hat Enterprise Linux (RHEL) 6U5 2.6.32-431.17.1.el6.* with Symantec Endpoint Protection for Linux
Make sure you are login with the necessary priviledge, can verify with the command 'whoami'
Note: You must have superuser privileges to install the Symantec Endpoint Protection client on the Linux computer.
In this example I have logged with root user.
Type command 'uname -a' to verify the kernel version details.
Verify the Java version details:
Type command "java -version"
Symantec Java LiveUpdate (JLU) requires Sun Java VM (Virtual Machine ) version 1.5 or above to ensure LiveUpdate works correctly.
Unlimited Strength Java Cryptography Extension (JCE)
You must install the Unlimited Strength Java Cryptography Extension policy files to match your version of Java. This installation requires superuser privileges.
You can download the installation files under Additional Resources from the following Oracle website: http://www.oracle.com/technetwork/java/javase/downloads/index.html
• i686-based dependent packages on 64-bit computers
Many of the executable files in the Symantec Endpoint Protection client for Linux are 32-bit programs. For 64-bit computers, you must install the i686-based dependent packages before you install Symantec Endpoint Protection. If you have not already installed the i686-based dependent packages, you can install them with the following commands.
The installation of these packages requires superuser privileges, which the following commands demonstrate with sudo.
◦ For Red Hat-based distributions: sudo yum install glibc.i686 libgcc.i686 libX11.i686
◦ For Debian-based distributions: sudo apt-get install ia32-libs
◦ For Ubuntu-based distributions: sudo apt-get install libx11-6:i386 libgcc1:i386 libc6:i386
Hardware
- Intel Pentium 4 (2 GHz) or higher processor
- 1 GB of RAM
- 5 GB of available hard disk space
Operating systems
- CentOS 6U4, 6U5; 32-bit and 64-bit
- Debian 6.0.5 Squeeze; 32-bit and 64-bit
- Fedora 16, 17; 32-bit and 64-bit
- Novell Open Enterprise Server (OES) 2 SP2 and 2 SP3 running
- SUSE Linux Enterprise Server (SLES) 10 SP3; 32-bit and 64-bit
- Novell Open Enterprise Server (OES) 11 and 11 SP1 running
- SUSE Linux Enterprise Server (SLES) 11 SP1 and SP2; 64-bit
- Oracle Linux 5U8, 5U9, 6U2, 6U4; 64-bit
- Red Hat Enterprise Linux Server (RHEL) 5U7 - 5U10, 6U2 - 6U5; 32-bit and 64-bit
- SUSE Linux Enterprise Server (SLES) 10 SP3, 10 SP4, 11 SP1 - 11 SP3; 32-bit and 64-bit
- SUSE Linux Enterprise Desktop (SLED) 10 SP3, 10 SP4, 11 SP1 - 11 SP3; 32-bit and 64-bit
- Ubuntu Server 11.10, 12.04, 12.04.2, 13.04; 64-bit
- Ubuntu Desktop 11.10, 12.04, 12.04.2, 13.04; 64-bit
Graphical desktop environments
You can use the following graphical desktop environments to view the Symantec Endpoint Protection client's graphical user interface:
- KDE
- Gnome
Reference: System Requirements for Symantec Endpoint Protection 12.1.5
http://www.symantec.com/docs/TECH224712
You cannot deploy the Linux client from Symantec Endpoint Protection Manager remotely. The installation steps are similar whether the client is unmanaged or managed.
The only way to install a managed client is with an installation package that you create in Symantec Endpoint Protection Manager. You can convert an unmanaged client to a managed client at any time by importing client-server communication settings into the Linux client.
If all the system requirements are met correctly, Export the linux package through the Symantec Endpoint Protection Manager console.
By default two pacakges are available to export.
1) RPM package for Red hat linux clients
2) Debian package for Ubuntu, Cent OS etc
Export the appropriate packages.
SEPM exports the package into .zip format.
Package size is around 38 MB only.
As said earlier, At this point SEPM does not have the functionality to push the linux package remotely, it can either create a Web Link and Email & Save Package.
In this article, I am saving this package locally on the System.
Copy the installation package that you created to the Linux computer. The package is a .zip file.
On the Linux computer, open a terminal application window.
Navigate to the installation directory with the following command:
cd /directory/
Here you can see it's under Downloads folder
Extract the contents of the .zip file into a directory named 'tmp' or you can extract at other location as well.
I did extract here at the same location.
Type command "Unzip SymantecEndpointProtection.zip"
To begin with install check the permission on install script.
By default Owner, Group & Otherw have read permission on install script. The installer is in read only. If you tried to install you will get permission denied error message like below.
Need to assign execute permission on install script
To correctly set the execute file permissions on install.sh, use the following command:
chmod u+x install.sh
Use the built-in script to install Symantec Endpoint Protection with the following command:
sudo ./install.sh -i
Enter your password if prompted
This script initiates the installation of the Symantec Endpoint Protection components. The default installation directory is as follows:.
/opt/Symantec/symantec_antivirus
The default work directory for LiveUpdate is as follows:
/opt/Symantec/LiveUpdate/tmp
The installation completes when the command prompt returns. You do not have to restart the computer to complete the installation.
To verify the client installation, click or right-click the Symantec Endpoint Protection yellow shield and then click Open Symantec Endpoint Protection. The location of the yellow shield varies by Linux version. The client user interface displays information about program version, virus definitions, server connection status, and management.
Under Clients tab can verify linux client status
Linux settings under Virus & Spyware policies:
Following commands can be issued on the linux machine from the SEPM console.
1) Scan
2) Update Content
3) Update Content & Scan
4) Enable Auto-Protect
Migration Paths:
Symantec Endpoint Protection adds support for Linux as of 12.1.5. You can only migrate Symantec AntiVirus for Linux 1.0.14 directly to the Symantec Endpoint Protection client for Linux 12.1.5.
You must uninstall all earlier versions of Symantec AntiVirus for Linux first.
You do not need to uninstall Symantec AntiVirus for Linux Reporter before you install the Symantec Endpoint Protection client for Linux.
I hope it's helpful!