How to deploy the Symantec Endpoint Protection (SEP) Linux client as part of a cloned drive image

SEP for Linux 14.3 MP1 and below

To deploy the Symantec Endpoint Protection Linux client as part of a cloned drive image, follow these steps on a base machine that will act as the source of the image:

1. Install and configure Linux OS and other applications.
    
2. Install an unmanaged Symantec Endpoint Protection client. This SEP client can optionally be prepared in later steps with a communications settings file (sylink.xml). When a cloned machine that is prepared with this image starts for the first time, SEP can use this file to convert to a managed client. If an unmanaged client is the desired end result for clones, skip to step 6.
    
3. In your Symantec Endpoint Protection Manager choose a client group that you wish your clones to be a member of. Right-click the desired client group and choose "Export Communications Settings..." and save the sylink.xml file.
   
   The following steps are to be performed only when you are ready to capture an image of this base system drive:
    
4. On the Linux base machine, stop the smcd service:
   sudo service smcd stop
    
5. Backup or rename /etc/symantec/sep/sylink.xml and replace it with the exported sylink.xml file. NOTE that the file name should be entirely lower-case. Do NOT restart the machine or the smcd service at this point---otherwise SEP will be converted to a managed client that will not be suitable for cloning. If further restarts are necessary for base image maintenance then first restore the unmanaged sylink.xml that was backed up in this step. You may also find an unmanaged version of the sylink.xml in the expanded unmanaged SEP Linux installer files (sep-deb.zip or sep-rpm.zip) under the "Configuration" directory. Otherwise you will have to uninstall the SEP client and repeat steps 2-5 before re-capturing the base image.
    
6. Capture/save an image of base machine's drive, using the preferred tools and methods.

Once the image has been created, it can be deployed to a new machine for use in a production environment. When preparing such a clone, follow these steps:

1. Write the image to the target machine using the preferred tools and methods.
2. Restart the target machine normally. The SEP Linux client will use the sylink.xml file to connect to the SEPM.
3. Change the target machine's Linux hostname.

It is OK if different machines check in initially with the same name to the SEPM. The SEPM differentiates between clients by using a unique Hardware ID generated by SEP. Changing the client machine's hostname does not cause a change in this Hardware ID.

Another option to create managed SEP clones: deploy image with unmanaged SEP client, then convert to managed client via scripted operations and the instructions in Importing client-server communication settings into the Linux client

For SEP 14.3 RU1 and above, see Deploy Linux agent as part of a cloned drive image.