DLP Enforce Server Quick Install Guide for Linux
search cancel

DLP Enforce Server Quick Install Guide for Linux

book

Article ID: 272211

calendar_today

Updated On:

Products

Data Loss Prevention Data Loss Prevention API Detection for Developer Apps Virtual Appliance Data Loss Prevention API Detection Virtual Appliance Data Loss Prevention Cloud Detection Service Data Loss Prevention Cloud Detection Service for ICAP Data Loss Prevention Cloud Detection Service for REST Data Loss Prevention Cloud Package Data Loss Prevention Cloud Prevent for Microsoft Office 365 Data Loss Prevention Cloud Service for Discovery/Connector Data Loss Prevention Cloud Service for Email Data Loss Prevention Cloud Storage Data Loss Prevention Core Package Data Loss Prevention Data Access Governance Data Loss Prevention Discover Suite Data Loss Prevention Endpoint Discover Data Loss Prevention Endpoint Prevent Data Loss Prevention Endpoint Suite Data Loss Prevention Enforce Data Loss Prevention Enterprise Suite Data Loss Prevention for Mobile Data Loss Prevention for Office 365 Email and Gmail with Email Safeguard Data Loss Prevention Form Recognition Data Loss Prevention Network Discover Data Loss Prevention Network Email Data Loss Prevention Network Monitor Data Loss Prevention Network Monitor and Prevent for Email Data Loss Prevention Network Monitor and Prevent for Email and Web Data Loss Prevention Network Monitor and Prevent for Web Data Loss Prevention Network Prevent for Email Data Loss Prevention Network Prevent for Email Virtual Appliance Data Loss Prevention Network Prevent for Web Virtual Appliance Data Loss Prevention Network Protect Data Loss Prevention Network Web Data Loss Prevention Oracle Standard Edition 2 Data Loss Prevention Plus Suite Data Loss Prevention Sensitive Image Recognition Data Loss Protection Oracle Standard Edition

Issue/Introduction

This is a Quick Install guide for the Data Loss Prevention Enforce Server

For the full "DLP Quick Install Guide for Linux" please visit the following link: DLP Quick Install Guides

Environment

Linux

Cause

The Enforce Server is a core component required for Data Loss Prevention.

Resolution

VERSION DISCLAIMER:
Please note that the following instructions are version agnostic and can generally be used on any currently supported version. As such, you will find several variables denoted such as "<DLPversion>" to indicate where a version number "should" be used. You will need to replace these variables with the appropriate version that you are attempting to use. Below are a few examples of such translations...

<DLPversion> = 15.8, 16.0, 16.0.1 or 16.0.2
<DLPfullversion> = 16.0.10000.60631
<ORACLEversion> = 193000 or 19.3.0.0
<JREversion> = jdk8u322-b06 or 8u322b06

Note: Username and Passwords provided below are for example only, choose your own values to match your company requirements.

 

Download Installers: https://support.broadcom.com/group/ecx/productdownloads?subfamily=Data%20Loss%20Prevention
DLP Platform Installer: Symantec_DLP_<DLPversion>_Platform_Lin-IN_<DLPfullversion>.zip
Oracle Client Installer: Linux.X64_<ORACLEversion>_client.zip
     ** The Oracle Client MUST be installed if Oracle is not installed locally on the Enforce Server.

Pre-requisites:
RHEL Developer Subscription:
     RHEL Registration Quick Install Guide for Linux

Firewalld: 

     DLP on RHEL: How to open firewalld ports

DLPInstallers directory:
     - At the root level create a new directory called "DLPInstallers", this will be used to download all of the DLP related software.
          mkdir /DLPInstallers
     
     - Download all of the DLP/Oracle installers and place them into this "DLPInstallers" directory.

Download additional software:
     yum install zip unzip
     - This will install "zip", and "unzip"
     - You may see a message indicating that one or more of these is already installed. That is perfectly fine, you can install any missing utilities and move on.

Install Java:
     Java AdoptOpenJRE Quick Install Guide for Linux

Install the Oracle 19c Client:
     Oracle 19c Client Quick install Guide for Linux

Create the Environment Variables:
     Environment Variables Quick Install Guide for Linux

 

Install the DLP Enforce Server:
     - Copy the Installer to your staging directory "Symantec_DLP_<DLPversion>_Platform_Lin-IN_<DLPfullversion>.zip"
          /DLPInstallers/<DLPversion>/Symantec_DLP_<DLPversion>_Platform_Lin-IN_<DLPfullversion>.zip
     - Unzip the Platform installer
          unzip Symantec_DLP_<DLPversion>_Platform_Lin-IN_<DLPfullversion>.zip
          - This will unzip everything to a DLP directory
               /DLPInstallers/<DLPversion>/DLP
               
     - CD to the installer packages
          cd /DLPInstallers/<DLPversion>/DLP/<DLPversion>/New_Installs/Release
     - Unzip the EnforceServer.zip
          unzip EnforceServer.zip
          
     - CHMOD the RPM files to 755 so they can be executed
          chmod 755 *.rpm
     - CHMOD the "install.sh" file to 755 as well so it can be executed
          chmod 755 install.sh
     - Install/Confirm the Dependencies
          - Create a new "downloads" directory
               mkdir downloads
          - Run the following YUM command to download the dependencies
               yum install --downloadonly --downloaddir=./downloads *.rpm
          - CD into the downloads directory
               cd downloads
          - Run the following YUM command to install the dependencies
               yum install *.rpm
     - Run the "install.sh" to install the Enforce Server software
          - CD back to the "Release" directory where the "install.sh" installer is located.
               cd /DLPInstallers/<DLPversion>/DLP/<DLPversion>/New_Installs/Release
          - run the "install.sh" for the Enforce Server
               ./install.sh -t enforce
               ** note that this command will install using the default directories
               ** If you wish to use Customer Directories, please check the Admin Guide for more details

Run the Configuration Utility:
     - CD to the "/protect/install/" directory
          cd /opt/Symantec/DataLossPrevention/EnforceServer/<DLPversion>/Protect/install
     - Run the EnforceServerConfigurationUtility
          ./EnforceServerConfigurationUtility -silent -jreDirectory=/opt/AdoptOpenJRE/<JREversion>
          - Accept the Agreement
               1
          - Enter your JRE Directory
               /opt/AdoptOpenJRE/<JREversion>
          - Use FIPS? (only use this if required)
               1
          - Select New User
               1
          - Create a new Service Account
               SymantecDLP
          - Enter your ORACLE_HOME
               /opt/oracle/product/<ORACLEversion>/client_1
          - Enter your Oracle Hostname or IP
               10.252.165.138
          - Enter your Oracle Port
               1521
          - Enter your Oracle Servicename
               protect
          - Enter your Oracle Username
               protect
          - Enter your Oracle Password
               protect
          - Initialize your Database (this will wipe the database)
               1
          - Enforce Administrator Password
               Broadcom1
          - External Storage
               1
          - Select additional languages (1 for None)
               1 

 

Log into the Enforce Console:
     - Open a Browser
          https://<enforce hostname or ip>

Additional Information