Print Download PDF Send Feedback

Previous

Next

Automatic Deployment Overview

When you deploy Endpoint Security clients with automatic deployment, we recommend that you install two deployment packages on endpoint clients:

  1. Initial Client -This package includes the Endpoint Agent that communicates with the Endpoint Security Management Server. This must be distributed manually through an exported package.
  2. Software Blade Package - This package includes the specified Software Blades to be installed on the endpoint client. It can be distributed automatically with Software Deployment rules.

For manual deployment and upgrades, install the Software Blade Package. Do not install the Initial Client first.

You can configure the policies for the Software Blades before or after you deploy the Software Blade package.

Important - The name of client packages must stay EPS.msi.

Related Topics

Deploying the Initial Client

Getting the Initial Client Packages

Deploying the Software Blade Package with Deployment Rules

Creating New Deployment Rules

Changing Existing Deployment Rules

Installing Packages on Clients with Software Deployment

Deploying the Initial Client

You can get the Initial Client from SmartEndpoint, the distribution media, or download an Endpoint Security client from the Support Center. If you do not get the Initial Client from SmartEndpoint, you must give endpoint users the Endpoint Security Management Server host name or IP address. They enter this information to connect to the Endpoint Security Management Server manually.

You can use third-party deployment software to deploy the Initial Client to endpoint computers. The MSI package can be run manually by users or silently by a third party deployment tool.

For new client installations with automatic software deployment, use the eps.msi Initial Client.

For upgrades from E80.x, use a complete software package, not the Initial Client.

To upgrade legacy R73 clients, use the PreUpgrade.exe Initial Client, which unlocks legacy files using a predefined uninstallation password. It then continues to install the Initial Client package.

Getting the Initial Client Packages

The Initial Client is for 32-bit and 64-bit computers.

To get the Initial Client with SmartEndpoint:

  1. In SmartEndpoint, open the Software Deployment tab.
  2. Under Initial Client, click Download.

    The Package download configuration window opens.

  3. Optional: To add users who install this package to a Virtual Group, click the arrow to expand Virtual Group.
    • Select Select Virtual Group. Endpoints installed with the exported package will automatically be added to it.
    • Select a Virtual Group or click Add New to create a new group.
  4. For upgrades from R73: Click the arrow to expand R73 Client Upgrade.
    1. Select Support R73 client upgrade.
    2. Optional: To upgrade without user input, select Silent Upgrade. If this is not selected, users are prompted to upgrade.
    3. Optional: To force reboot after a silent upgrade, select Force reboot. If this is not selected, users are asked to reboot.
    4. Enter Legacy upgrade passwords if relevant for Secure Access and Full Disk Encryption EW.
  5. Click Download.
  6. In the Save Location, right-click and select New > Folder. Give the folder a name that describes the package contents, such as 'Initial Client.
  7. Click OK.

    The Endpoint Security Management Server downloads the package from the internet and saves it to the specified folder.

To get the Initial Client from the Support Center:

  1. Create a folder for the Initial Client on your local computer.
  2. Go the Support Center Web site.
  3. Search for Endpoint Security Management Server.
  4. In the Version filter section, select the latest supported client version.
  5. Download Endpoint Security <version> Client for Windows.
  6. Create a new folder with a name that describes the package contents, such as 'Initial Client.
  7. Copy EPS.msi to the folder.

Deploying the Software Blade Package with Deployment Rules

Software Deployment rules let you manage Software Blade Package deployment and updates using SmartEndpoint. The Default Policy rule applies to all endpoint clients for which no other rule in the Rule Base applies. You can change the default policy as necessary.

You can define more rules to customize the deployment of Software Blades to groups of endpoint computers with different criteria, such as:

You must install an Initial Client on endpoint computers before you can deploy Software Blades with automatic software deployment.

Creating New Deployment Rules

To create new rules for automatic Software Deployment:

  1. Click the Deployment tab and select Software Deployment Rules.
  2. Click the Create Rule icon.

    The Create Rule Wizard opens.

  3. In the Select Entities window, select an entity (OU, Virtual Group, or Computer). Double-click the node to show the items contained in that node.
  4. Click Next.
  5. In the Change Rule Action Settings window:
    • Select a package version or click Manage Client Versions to upload a different client version from in the Packages Repository.
    • Select Software Blades to install and clear Software Blades that are not to be installed with this rule.
  6. Click Next.
  7. In the Name and Comment window, enter a unique name for this rule and an optional comment.
  8. Click Finish to add the rule to the Software Deployment Rules.
  9. Click Save.
  10. Install the policy.

Changing Existing Deployment Rules

To edit rules for automatic Software Deployment:

  1. Click the Deployment tab and select Software Deployment Rules.
  2. Select a rule.
  3. From most columns, right click to get these options:
    • Clone Rule - Make a new rule with the same contents.
    • Delete Rule - Delete the rule.
    • Download Package - Download the package for export. This includes the Initial Client and Software Blade Package.
  4. To change the name, Double-click the Name cell and enter a different name.
  5. To change an Applies To parameter, right click an entity and select an option:
    • Add new entity to this rule - Select an entity from the tree to add to the rule.
    • Remove entity from this rule - Select an entity to delete.
    • Navigate to item - Go to the selected entity in the Users and Computers tab.
    • Add to Virtual Group - Add the selected entity to a Virtual Group.
  6. In the Actions column:
    • Select a package version or click Manage Client Versions to upload a different client version from in the Packages Repository.
    • Select Software Blades to install and clear Software Blades that are not to be installed with this rule.
  7. On the toolbar, click Save.
  8. Install the policy.

Installing Packages on Clients with Software Deployment

After the Initial Client is successfully deployed and you have Software Deployment rules, install Software Blade Packages easily from SmartEndpoint.

Edit the Client Settings rules to change client installation settings.

To install Software Blade Packages on endpoint computers:

  1. On the Deployment tab, click Install.
  2. If prompted, click Save to save the rules.
  3. Select the Rules to install and then click Install.

To make sure that a rule does not install:

Right-click in the Actions column of a Software Deployment rule and select Do not install.