Endpoint Protection

 View Only
Back to Library

How to install Symantec Endpoint Protection 12.1.5 on supported Linux operating systems 

Oct 15, 2014 03:12 PM

Overview

The Symantec Endpoint Protection client for Linux provides Virus and Spyware protection and Auto-Protect features for supported Linux operating systems.

It can be deployed using the Web link and email or Save package method from the Symantec Endpoint Protection Manager. Two types of client setup packages can be imported into and exported from the SEPM:

  • RPM (Red Hat, SUSE, Oracle, etc.)
  • DPKG (Debian, Ubuntu, etc.)

The SEPM will add the sylink.xml and serdef.dat for the selected group to the install package and will compress all of the files into a single .zip (default compression format).

It can be updated from a LiveUpdate server (internal or external), or using the Intelligent Updater file.

The installation is now in the form of a single install script which can install all components on the client at once.

Note: You must have superuser privileges to perform the steps describe below on the Linux operating system.

Minimum System requirements

Hardware:

  • Intel Pentium 4 (2 GHz) or higher processor
  • 1GB of RAM
  • 5 GB of available hard disk space

Operating systems:

  • CentOS 6U4, 6U5; 32-bit and 64-bit
  • Debian 6.0.5 Squeeze; 32-bit and 64-bit
  • Fedora 16, 17; 32-bit and 64-bit
  • Novell Open Enterprise Server (OES) 2 SP2 and 2 SP3 running SUSE Linux Enterprise Server (SLES) 10 SP3; 32-bit and 64-bit
  • Novell Open Enterprise Server (OES) 11 and 11 SP1 running SUSE Linux Enterprise Server (SLES) 11 SP1 and SP2; 64-bit
  • Oracle Linux 5U8, 5U9, 6U2, 6U4; 64-bit
  • Red Hat Enterprise Linux Server (RHEL) 5U7 - 5U10, 6U2 - 6U5; 32-bit and 64-bit
  • SUSE Linux Enterprise Server (SLES) 10 SP3, 10 SP4, 11 SP1 - 11 SP3; 32-bit and 64-bit
  • SUSE Linux Enterprise Desktop (SLED) 10 SP3, 10 SP4, 11 SP1 - 11 SP3; 32-bit and 64-bit
  • Ubuntu Server 11.10, 12.04, 12.04.2, 13.04; 64-bit
  • Ubuntu Desktop 11.10, 12.04, 12.04.2, 13.04; 64-bit

For a list of supported kernels, see:

http://entced.symantec.com/sep/12.1.5/​doc_sep_linux_sys_req

Graphical desktop environments:

  • KDE
  • Gnome

Other environmental requirements:

  • Oracle Java 1.5 or later; Java 7 or later recommended.
    This installation requires superuser privileges.
  • Unlimited Strength Java Cryptography Extension (JCE)
    You must install the Unlimited Strength Java Cryptography Extension policy files to match your version of Java. This installation requires superuser privileges.
    You can download the installation files under Additional Resources from the following Oracle website:
    http://www.oracle.com/technetwork/java/javase/downloads/​index.html
  • i686-based dependent packages on 64-bit computers
    Many of the executable files in the Symantec Endpoint Protection package are 32-bit programs. For 64-bit computers, you must install the i686-based dependent packages before you install the Symantec Endpoint Protection package.
    If you have not already installed the i686-based dependent, you can install them with the following command. This installation requires superuser privileges, which the following command demonstrates with sudo:
    sudo yum install glibc.i686 libgcc.i686 libX11.i686

Preparing the Linux operating system

Make sure to have the following files ready on the Linux system:

  • UnlimitedJCEPolicyJDK7.zip
  • SymantecEndpointProtection.zip

Make sure the Linux system meet the minimum requirements described above.

Installation steps

The client install package includes a pre-check to determine whether or not Oracle Java is installed, whether its version is equal to or greater than 1.5, and that the Java Cryptography Extensions (JCE) is installed. If any of these items fail the pre-check test, the installation will terminate. This check also determines whether or not Java is installed with root permissions and will result in a failure if it is not.

install.png

Screenshot2.png

Proxy configuration

proxy_0.png

JLU_Linux.png

Troubleshooting

Command-line

Browse to /opt/Symantec/symantec_antivirus, and then run the desired command:

Management

  • Import sylink communication settings file
sav manage -i [sylink.xml]
  • Display current profile serial number
sav manage -p
  • Display the current SEPM
sav manage -s
  • Display the current group name
sav manage -g
  • Invoke a heartbeat request to the SEPM
sav manage -h
  • Display the current location name
sav manage -o
  • Display the last connection time to the SEPM
sav manage -t
  • Display the license status
sav manage -l
  • Roll back definitions to the previous set (if one is available)
sav definitions -r
  • Use the newest definitions
sav definitions -u
  • Export client logs
sav log -e [file] -f <start_id> -t <end_id>

LiveUpdate

  • Start LiveUpdate
sav liveupdate –u

Information

  • Display the status of Auto-Protect
sav info -a
  • Display the virus definitions version
sav info -d
  • Display the current product version
sav info -p
  • Display the current scan engine version
sav info -e
  • Determine if a scan is in progress
sav info -s

Logs location

Installation log: /root

  • sepfl-install.log
  • sep-install.log
  • sepap-install.log
  • sepui-install.log
  • sepjlu-install.log

LiveUpdate log : /opt/Symantec/LiveUpdate    

  • liveupdt.log

Uninstallation steps

uninstall.png

References

Supported Linux kernels for Symantec Endpoint Protection

http://www.symantec.com/docs/TECH223240

Intelligent Updater file for Symantec Endpoint Protection 12.1.5, see Unix Platforms

http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep

Related article

SEP 12.1 RU5 for Linux uses significant amount of memory
http://www.symantec.com/docs/TECH225299

Statistics
0 Favorited
18 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Migration User
May 26, 2016 03:19 PM 

sudo ~/symantec/install.sh -i
Starting to install Symantec Endpoint Protection for Linux
Performing pre-check...
Pre-check succeeded
Begin installing virus protection component
(Reading database ... 183947 files and directories currently installed.)
Preparing to unpack .../symantec/Repository/sep.deb ...
Missing package files: //../install.sh, please check the package and use a valid one.
Virus protection component failed to install, with error:  /home/txtinman/symantec/Repository/sep.deb

I receive this error when running install.sh on my Linux Mint 17.3 laptop. sep.deb is in the Repository directory. What may be going wrong here?

Mike

Migration User
Oct 27, 2015 02:40 PM

I followed these steps and was able to get SEP installed on Linux Mint 17.2, but AP still says "Malfunctioning" after the definitions were installed. I've restarted and even tried to push-enable AP from the Manager to no avail. Any idea what is wrong?

 

Migration User
Sep 17, 2015 04:37 PM

Thanks a lot!

And I have a question: the "unix64.sh" is for which OS?

ArpitBadwaik
Sep 14, 2015 07:54 AM

Hi Hamasuva,

The format for the Intelligent Updater name is YYYYMMDD-REV-TYPE.sh. Type refers to if it is for Windows/Linux/Mac and whether it is for a 32-bit or 64-bit machine. SEPFL always uses the 32-bit package, even for 64-bit machines. For instance, to download the Intelligent Updater definitions for a 64-bit Linux machine for August 17th, 2015 and revision 16, the filename would be “20150816-016-unix.sh”

From screenshot I can see you have downloaded file for 64-bit.

Note that the unix.sh updater (32-bit) provides the appropriate updates for both 32-bit and 64-bit SEP for Linux (SAVFL) clients. Even with 64-bit Linux systems, use the file that ends with "unix.sh" not "unix64.sh"

Please refer below article for detailed information:

http://www.symantec.com/docs/TECH96754

Thanks and Regards,

Arpit Badwaik    
Sr. Technical Support Engineer-Advance team,

Enterprise Security Support

Symantec Corporation|www.symantec.com

SecurityPlus_Certified_CE_Logo

Migration User
Aug 26, 2015 03:08 PM

HI

I have a question

my OS is Llinux Mint 17.1(base on ubuntu 14.04), SEP 12.1.6 was just installed OK, and I download the Intelligent Updater file “20150825-017-unix64.sh”, but I can't update just like this:

Please help me, what's matter?

Migration User
Jul 02, 2015 08:50 AM

Sorry if not in topic, but can't found elsewere.

After installing... manual scan are working, i see comp in console, but:

#./sav info --autoprotect

Malfunctioning

 

Migration User
Jun 10, 2015 08:59 AM

Is there anyway to modify the username and more importanly the UID which is created on install?

ArpitBadwaik
May 29, 2015 10:00 AM

Please check "Installation of SEP For Linux on Red Hat Enterprise Linux" Video

https://www-secure.symantec.com/connect/videos/installation-sep-linux-re...

Migration User
Apr 15, 2015 11:31 AM

During installation we encountered an error in Step 2 in the Installation steps specified above.  The path for the local_policy.jar and US_export_policy.jar files did not work:  /usr/java/jrel.7.0_67/lib/security. We had to change the destination path to  /usr/java/jdk1.7.0_76/jre/lib/security. Then the installation succeeded.

ArpitBadwaik
Mar 19, 2015 07:22 AM

You can also check "Installation of SEP For Linux on Red Hat Enterprise Linux" Video

https://www-secure.symantec.com/connect/videos/installation-sep-linux-red-hat-enterprise-linux

 

Migration User
Jan 30, 2015 06:50 PM

One more post regards to - 

 

How to install Symantec Endpoint Protection 12.1.5 (RU5) on Linux operating system.

 

Migration User
Jan 30, 2015 06:39 PM

Perfect post for SEP 12.1Ru5 AND Linux. :) 

Related Entries and Links

No Related Resource entered.