Configure a secure boot system with Symantec DCS or SEP Linux products

search cancel

Configure a secure boot system with Symantec DCS or SEP Linux products

book

Article ID: 227099

calendar_today

Updated On: 03-20-2025

Products

Data Center Security Server Advanced Endpoint Protection Endpoint Security Complete

Issue/Introduction

With Secure Boot enabled, customers may receive the below errors while installing DCS or SEP Linux Agents:

*************************************************************************

* NOTICE: SecureBoot enabled mode is detected on this machine. Further *
* action is required to load the product kernel modules on this system. *

*************************************************************************

Or while trying to load the modules manually:

[user@localhost init.d]# ./sisap.init start
Error: sisap.init: error Missing driver key in MOK
Error: sisap.init: error loading Symantec Agent for Linux AP driver

This is a guide to configure a Secure Boot system with Symantec DCS or SEP Linux products.

Environment

Symantec Endpoint Protection (SEP) Linux 14.3 RU4 or later is recommended, 14.3 RU3 or later is required

Data Center Security: Server Advanced (DCS:SA) 6.9.2 or later is recommended, 6.9.1 or later is required

Please note that Secure Boot in Confidentiality mode disables some operating system features used by SEP Linux for performance.

Resolution

Please see the attached whitepaper for details and usage

For DCS 6.9.1, you will also need to download the updated Policy Packs from the Broadcom Support Portal

DCS Policy Packs Required:
SDCSSWorkloadPreventionPolicyWorkspacePack-v6.9.1-m5.2.9-2021112402.zip
SDCSSPreventionPolicyPack-v6.9.1-m5.2.9-2021112402.zip

DCS Policy Pack Download Location:
https://support.broadcom.com/group/ecx/productfiles?sellable=DAT71010&release=6.9.1&os=&servicePk=0&language=EN

DCS Policy Pack Import and Policy Update Details

DCS Importing Policy Packs
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/data-center-security-(dcs)/6-9-1/policies-v127947621-d3608e175970/importing-and-exporting-policies-v127948569-d3608e179111.html

DCS Updating a Policy from a newer Policy Pack
https://techdocs.broadcom.com/us/en/symantec-security-software/endpoint-security-and-management/data-center-security-(dcs)/6-9-1/policies-v127947621-d3608e175970/updating-a-policy-v127948618-d3608e179255.html

Attachments

1645131050504__Secure_Boot_Symantec_Agent_for_Linux_rev_7.pdf get_app

Feedback

Was this article helpful?

thumb_up Yes

thumb_down No