{{ secondMenu.name }}
{{ language }}
You can deploy Athena EPP agents on Linux on a small or large scale. The small-scale deployment methods include installation via the command line, manual installation, installation on physical machines (full offline installer), and redirection to the Athena EPP agent installer download page. Large-scale deployment methods include installation via the Linux bulk deployment tool and installation on virtual machines.
In small-scale deployment scenarios, you can obtain the installation command and run it on an endpoint for automatic deployment. Go to System > Agent Deployment > Agent Download > Linux, find Agent Installation via Command Line under General Deployment, and click Expand on the right, as shown in the following figure.
Click Copy Command under Agent Installation via Command Line, and run the command on the endpoint PC, as shown in the following figure.
Download the Athena EPP agent installer to your local device, upload the installer to the endpoint, and run the installation command.
Go to System > Agent Deployment > Agent Download > Linux, find Agent Installation via Command Line under General Deployment, and click Expand on the right, as shown in the following figure.
In scenarios where a group company consisting of a headquarters and multiple branches has Athena EPP manager installed at the headquarters, you must download components from the Athena EPP manager at the headquarters through the VPN or dedicated network during the installation of the Athena EPP agent, leading to high dedicated network bandwidth usage and a slow installation process. The full offline installer-based installation enables direct installation without downloading components from the Athena EPP manager, avoiding excessive dedicated network bandwidth usage.
Go to System > Agent Deployment > Agent Download > Linux, find Agent Installation on Physical Machines (Full Offline Installer) under General Deployment, and click Expand on the right, as shown in the following figure.
The procedure is as follows:
Download the full offline installer :
Click Go to Sangfor Community to download the full offline installer, as shown in the following figure.
Execute the full offline installer :
Upload the full offline installer for Linux to the tmp directory of the endpoint, and run tar -zxvf [Installer Name] to decompress the installer, as shown in the following figure.
After the decompression, run the following commands to start the installation. Please pay attention to the spaces between the command line:
dos2unix agent_installer.sh
./agent_installer.sh -o -h [Manager IP] -p [Communication Port Between Agent and Manager] -u [CorpID]
The descriptions are as follows:
There are differences between on-premises Athena EPP and SaaS Athena EPP.
|
Command |
Description |
Remarks |
|
-o |
Execute a full offline installation. |
|
|
-h |
The address of the Athena EPP manager. |
For on-premises Athena EPP, the address is the IP address of the local Athena EPP manager. For SaaS Athena EPP, the address is edragent.sangfor.com. |
|
-p |
The communication port between the Athena EPP agent and Athena EPP manager. |
For on-premises Athena EPP, the default port is 4430, which can be changed on the Athena EPP manager. For SaaS Athena EPP, the port is 443. |
|
-u |
The CorpID. |
This option is required only in the full offline installation of SaaS Athena EPP. |
You can obtain the CorpID from Sangfor Platform-X, as shown in the following figure.
Example 1: Install the full offline installer on Linux for on-premises Athena EPP.
Suppose the IP address of the on-premises Athena EPP manager is 10.62.23.5, and the communication port is 4430. Run ./agent_installer.sh -o -h 10.62.23.5 -p 4430 to start the installation, as shown in the following figure.
Example 2: Install the full offline installer on Linux for SaaS Athena EPP.
Suppose the CorpID of the SaaS Athena EPP manager is 36138639. Run
./agent_installer.sh -o -h edragent.sangfor.com -p 443 -u 36138638.
Administrators can distribute a link to the installer download webpage to user endpoints via channels such as email and OA to remind users to download and install the Athena EPP agent.
Go to System > Agent Deployment > Agent Download > Linux, find Redirection to Agent Installer Download Page under General Deployment, and click Expand on the right, as shown in the following figure.
Enter a title and the content in the Customize title and contents step and click Next to generate a link, as shown in the following figure.
Distribute the link to endpoints as an administrator via email, OA, or other channels for users to download and install the Athena EPP agent, as shown in the following figure.
Sangfor provides a tool that connects to Linux servers in bulk using the SSH protocol for automatic installer download from the Athena EPP manager and bulk Athena EPP agent deployment on Linux.
a)Windows
a)Collect the root account usernames and passwords of all Linux servers in advance.
b)The Windows PC that hosts the tool can connect to the Linux servers where the Athena EPP agent is to be installed via the SSH protocol.
a)Download the tool.
Go to System > Agent Deployment > Agent Download > Linux, find Agent Installation via Linux Bulk Deployment Tool under Bulk Deployment, click Expand on the right, and then click Download and Download Deployment Guide, as shown in the following figure.
b)As shown in the following figure, the tool consists of a configuration file named config.txt and two main programs named InstallMain32.exe and InstallMain64.exe that run on 32-bit Windows and 64-bit Windows.
c)Edit the configuration file.
Add the collected root account usernames and passwords of the Linux servers where the Athena EPP agent is to be installed to config.txt in the format of "Linux_IP SSH_port username password", as shown in the following figure. 
d)Run the tool.
Run InstallMain64.exe or InstallMain32.exe. For example, to run InstallMain64.exe, execute "InstallMain64.exe [Manager IP]", as shown in the following figure.
e)Verify the installation.
Wait for 10 to 30 minutes for the installation to finish. The installation duration varies with the number of endpoints where the Athena EPP agent is being concurrently installed. Once the Athena EPP agent is installed successfully, you can find the online Linux servers by going to Endpoints > Endpoint Groups of the Athena EPP manager.
1. Put the configuration file and InstallMain64.exe in the same directory, and keep the configuration file name to "config.txt".
2. During the bulk installation via the deployment tool, Linux servers will download the Athena EPP agent installer from the Athena EPP manager. Limit the number of endpoints to avoid excessive bandwidth usage due to bulk installation and ensure stability. If the bandwidth is 100 Mbit/s, limit the number of endpoints to 5 in a bulk installation. If the bandwidth is 1,000 Mbit/s, limit the number of endpoints to 60 in a bulk installation.
3. After the installation is complete, clear the content of config.txt and delete the file to avoid password leakage.
In virtualization environments, administrators can convert a virtual machine with the Athena EPP agent installed into a template, from which virtual machines can be created in bulk. Go to System > Agent Deployment > Agent Download > Linux, find Agent Installation on Virtual Machines under Bulk Deployment, and click Expand on the right, as shown in the following figure.
Step 1.Download the installer for standard installation following the instructions in Chapter 2.4.3.1. The endpoint will go online once the installation is complete.
Step 2.Before exporting a virtual machine, run clone_tool under the "xxx/bin/" Athena EPP agent installation directory as the super administrator to ensure that the Athena EPP agent IDs of the created virtual machines are unique.
Run export LD_LIBRARY_PATH=/sf/edr/agent/xs_agent/lib and cd /sf/edr/agent/bin/ to go to the installation directory. Then, run ./clone_tool as the super administrator and wait for the prompt "create copying flag success" to appear. 
Step 3.Export the virtual machine. In this example, we will use the Sangfor HCI for demonstration. 
Step 4.Select a file format. OVA is recommended.
Step 5.Once the OVA file is exported, you can use it to create virtual machines with the Athena EPP agent installed. 
{{ $t('index.defaultHeader.chromeBrowserTip') }}