Deploying Endpoint Security for Linux
This section explains how to install Endpoint Security for Linux.
- Navigate to Policy > Export Package
- Download the Linux installation script
-
Copy/Download the installation script to the target device. Run one of these options.
-
To allow execution permission to the file, run:
chmod +x ./<Name of Install Script> -
If the Linux host uses HTTP or HTTPS proxy, install the client using the proxy details:
sudo ./<Name of Install Script> install --http_proxy http://username:password@proxy_address:port -
To deploy both Anti-Malware and Threat Hunting, run:
sudo ./<Name of Install Script> install -
To deploy Anti-Malware only, run:
sudo ./<Name of Install Script> install --product am -
To deploy Threat Hunting only, run:
sudo ./<Name of Install Script> install --product edr -
To deploy Behavioral Guard only, run:
sudo ./<Name of Install Script> install --product bg
Note:Non-Interactive Installation Mode: The installer supports a
--non-interactiveflag, which enables fully headless installation without user prompts. This is useful for automated deployments and scripting scenarios.To run the installation in fully headless mode, use:
sudo ./<Name of Install Script> install --non-interactive-
To enable the Threat Hunting function, make sure that Threat Hunting is enabled in the applicable policy rule. Navigate to Policy > Threat Prevention > Analysis & Remediation and ensure Threat Hunting is set to ON.
Notes:
-
If Strong/Kerberos authentication is enabled, then HTTP 401 is in the
/var/log/checkpoint/cpla/cpla.log.
-
It is necessary to put the keytab file used for authentication set up in the file /var/lib/checkpoint/cpmgmt/auth.keytab (the file is generated by the ktpass utility).
sudo ./<install script name> install --product edr
-
-