The following procedure guides you through logging on to the endpoints and locally installing the Agent computer.
To manually install the Security Agents for UNIX:
From Change Guardian Main click, Integration > Agent Manager.
Download the agent artifacts and certificates. See Downloading Agent Artifacts and Certificates in Change Guardian User Guide.
Click All Assets, and then click Manage Installation and select Download.
Select the package you want to download and the configuration you want to use, and then click Start Download.
Agent Manager downloads SecurityAgentForUnix.zip to your computer.
Extract SecurityAgentForUnix.zip to the computer where you want to install the Security Agent for UNIX.
Provide file execute permission to the install.sh file and execute the install.sh script.
When prompted to continue with installation, enter y.
Specify the target installation directory, then press Enter.
Enter y to continue with the same installation path. However, you can enter n change the installation path.
When prompted, enter y to install the components like Sentinel, Secure Configuration Manager and Change Guardian. You can enter n if you do not need any specific component.
Specify the port number and the startup script of the Security Agent for UNIX.
Specify y if you want to install Security Agent for UNIX in FIPS mode. By default, the value is n.
Specify the IP address and port numbers for all the components that you selected to install in Step 10.
If you selected Change Guardian in Step 10, specify the username and password.
Continue with the installation steps. The installation might take a few minutes for all services to start after installation.
NOTE:Manual Installation of Security Agent for UNIX downloaded from Change Guardian Agent Manager accepts the agent certificate configuration even if there is a mismatch of the agent hostname and IP address. You must ensure that you use the correct configuration before installing Security Agent for UNIX.
To install an Agent on a local computer:
Download agent artifacts and certificates. For information on how to download, see Downloading Agent Artifacts and Certificates in Change Guardian User Guide
Log on to an Agent computer using an account with superuser privileges.
Download the package in the root folder and specify the following command to extract the install files from the tar file.
tar -zxvf <install_filename>
Replace <install_filename> with the actual name of the install file.
Change to the directory where you extracted the installer:
cd <directory_name>
Specify the following command to start the install script:
/bin/sh ./install.sh
(Conditional) If a compatible agent is already installed, enter y when you are prompted with the following text:
A compatible agent is already installed on this machine in the directory '/usr’. Do you want to add or upgrade existing agents to it?
(Conditional) If you are installing a new agent, when prompted, enter /usr and proceed through the prompts.
(Conditional) To install the Agent in FIPS mode, enter y when you are prompted with the following text in the command prompt:
Do you want to enable FIPS security restrictions for communication with this component? [n]
The default value is n.
Proceed through the prompts.
Enter y if you want the Agent to monitor other NetIQ security products. Otherwise, enter n.
When prompted, specify rclink.
rclink is the default option for restart method. For more information about restart methods, see Restart Methods for the Security Agent for UNIX.
(Conditional) If you are using Sentinel, when the installation completes, add the host using UAM for deploying the Sentinel rules. For information about how to deploy rules, see Activating Rule Sets.
(Conditional) If you are monitoring Oracle databases with Sentinel, provide the configuration information for the computer by clicking Configure> Sentinel Options > Configure Oracle Endpoints.
The installation process finishes and the Agent starts. It might take a few minutes for all services to start after installation.