Appendix C - Deploying Harmony Endpoint Security Client Using Microsoft Intune

You can use Microsoft Intune or Microsoft Endpoint Manager to deploy Harmony Endpoint Security Client on Windows-based endpoints.

Use Case

If you already use Microsoft Intune or Microsoft Endpoint Manager to manage your organization’s endpoints, you can also use the same Microsoft Intune or Microsoft Endpoint Manager to deploy Endpoint Security Client on these managed endpoints.

Prerequisites

  • A Microsoft 365 account/subscription. for Microsoft Intune or Microsoft Endpoint Manager.

  • You must be a Global Administrator or an Intune Service Administrator (Intune Administrator) to deploy the Harmony Endpoint Security Client. For more information on roles and permissions, see Role-based access control (RBAC) with Microsoft Intune.

  • You must have enrolled Windows endpoints to Microsoft Intune or Microsoft Endpoint Manager. For more information, see Set up enrollment for Windows endpoints.

  • Before you deploy Harmony Endpoint Security Client, make sure all your enrolled endpoints are contained in a single group. If you do not have such a group, create a new group and assign your endpoints and users to it.

Preparing the Harmony Endpoint Client Windows Package for Deployment

  1. Log in to Infinity Portal and access the Harmony Endpoint Administrator Portal.

  2. Go to Overview and click Download Endpoint on the top banner.

    You can also click Policy > Deployment Policy > Software Deployment and click Download Endpoint on the top banner.

  3. Select the required Download version and Virtual group for Windows.

  4. Click Download.

    The EndpointSetup.exe file downloads.

  5. Create an MSI file from the downloaded EndpointSetup.exe file by running this command.

    EndpointSetup.exe /CreateMSI

    The EPS.msi file is created.

Harmony Endpoint Configuration

After you deploy the Harmony Endpoint Security Client, the installation does not start immediately. The user can postpone the installation for up to 48 hours.

To start the Harmony Endpoint Security Client installation immediately, before Creating the Harmony Endpoint Windows App in Microsoft Intune , do these:

  1. Log in to Infinity Portal and access the Harmony EndpointAdministrator Portal.

  2. Go to Policy > Client Settings.

  3. In the right section Capabilities & Exclusions, click the Installation & Upgrade tab.

  4. Clear the Enable the user to postpone the client installation or upgrade checkbox and click Save.

  5. Click Install Policy to deploy the ruleClosed Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session. to the endpoints.

  6. In the Install Policy pop-up screen, click Save & Install.

Creating the Harmony Endpoint Windows App in Microsoft Intune

  1. Log in to Microsoft Intune or Microsoft Endpoint Manager admin center.

  2. Go to Apps. In the section By Platforms, select Windows.

    The Windows apps page opens.

  3. Click Add.

  4. In the Select app type pane, select Line-of-business app, and click Select at the bottom.

    The Add app page appears.

  5. Under the App information, click Select app package file.

  6. In the App package file pane, upload the EPS.msi file you created in Preparing the Harmony Endpoint Client Windows Package for Deployment and click OK.

  7. Enter the Name, Description, and Publisher information.

  8. Select Yes for Ignore app version and click Next.

  9. Go to Assignments tab and assign the app to the groups that you want to deploy Harmony Endpoint Security Client. For more information, see Assign apps to groups with Microsoft Intune.

  10. In the Assignments tab, under Required, click Add group.

  11. In the Select groups pane, select the relevant group and click Select.

  12. In the Add app page, click Next.

  13. Review the information and click Create.

    After the EPS.msi file is uploaded, you can see information about the newly created app.