Methods To Install an App Control Agent
search cancel

Methods To Install an App Control Agent

book

Article ID: 286750

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Steps to install an App Control Agent

Environment

  • App Control Agent: All Supported Versions
  • Microsoft Windows OS: All Supported Versions
  • macOS: All Supported Versions

Resolution

Windows

Note:

Method 1: Using a Policy Installer (Preferred)

  1. Navigate to https://ServerAddress/hostpkg/ to download the relevant Policy installation package.
  2. Confirm if Registration Codes are enabled or not.
  3. Use an administrative command prompt to issue the relevant command:
    • If Registration Codes are disabled: 
      msiexec.exe /i "C:\Path\To\PolicyInstaller.msi" /qn /norestart /L*v "C:\Temp\AgentInstall.log"
    • If Registration Codes are enabled: 
      msiexec.exe /i "PolicyInstaller.msi" B9_REGISTRATION_CODE=registrationcodegoeshere /qn /norestart /L*v "C:\Temp\AgentInstall.log"

Method 2: Using Parityhostagent.msi

Using the server.conf file (8.7.4+):

  1. Navigate to https://ServerAddress/hostpkg
  2. Download the relevant Policy.zip file to the endpoint.
    • Example: Production-LowEnforcement.zip
  3. Extract the contents to a temporary location.
    • Example: C:\Temp\Production-LowEnforcement\
  4. .Execute the parityhostagent.msi installation file.
    • Note: On Windows XP / Server 2003 the parityhostagent_sha1.msi file must be used. XP and 2003 do not support the SHA256 signed version. This was not included by default in the .zip policy package until server 8.9+. It can be manually obtained from C:\Program Files (x86)\Bit9\Parity Server\hostpkg.

Manually:

  1. Gather "ParityHostAgent.msi" and "configlist.xml" files from the App Control servers hostpkg folder
    • The default location is C:\Program Files (x86)\Bit9\Parity Server\hostpkg)
    • The unencrypted version of configlist.xml is required. Using configlist.xml.egk or configlist.xml.enc will result in a failed install attempt.
  2. Gather the necessary detail:
    • B9_SERVER_IP: This needs to match the  "Server Address" listed in the console under System Configuration (gear icon) > general tab
    • B9_SERVER_PORT: This must match the "Server Port" mentioned in System Configuration > general tab
    • B9_SERVER_ID: This is found by navigating to https://yourconsole/support.php > Advanced Configuration > Server ID field
    • B9_CONFIG: This will be the path to the configlist.xml that you copied
    • B9_HOSTGROUP: This value will be the name of the policy you want to assign it to after install, policy name should be in quotes.
    • Optional (B9_REGISTRATION_CODE) Confirm if Registration Codes have been enabled. If so, this must have a valid code specified.
  3. Open and admin CMD Prompt and run the relevant command. Example: 
    msiexec /i C:\Temp\ParityHostAgent.msi B9_SERVER_IP=server.fqdn.com B9_SERVER_PORT=41002 B9_SERVER_ID={b9}Idcodehere9D1hH6TAwY7gJlqfeWUeGQRg42/soLdWgZts= B9_CONFIG=C:\Temp\configlist.xml B9_HOSTGROUP="Corp Low Policy" B9_REGISTRATION_CODE=registrationcodegoeshere /l*v C:\Temp\AgentInstall.log

macOS

  1. Navigate to https://ServerAddress/hostpkg and download the relevant macOS install package.
  2. Open a Terminal window and change directory to the location where the installer was downloaded (by default, the user-specific Download directory - cd ~/Downloads
  3. Double-click on the agent installation file you downloaded (policyname-mac.dmg). A standard package installation dialog begins.
  4. Respond to the installation dialog prompts, and when the dialog indicates the installation was successful, click Close.
  5. The Mac firewall may detect the agent as a new application and block access to the network. Instruct users to permanently allow incoming connections to b9daemon.

Linux

  1. Navigate to https://ServerAddress/hostpkg and download the relevant Linux install package.
  2. Extract the Agent installer: 
    tar -xvzf <policyname>-Red Hat.tgz
    • Note: If the Policy name contains characters not accepted in command arguments, such as spaces or parentheses, escape each character with a backslash.
  3. Change to the directory matching the download tarball name: 
    cd <policyname>-Red Hat
    • Note: App Control Server versions 8.9.0 and lower will require the attached bit9cs_sha2.asc in the same folder as b9install.sh.
  4. Validate the b9install script against the Public Key and Detached Signature with the following commands: 
    gpg –-dearmor bit9cs_sha2.asc
gpg --no-default-keyring --homedir . --keyring bit9cs_sha2.asc.gpg --verify b9install.asc b9install.sh
    • Note: The result should return similar: gpg: Good signature from "build (carbonblack)"
  5. Install the Agent: 
    With Notifier: sudo sh ./b9install.sh
Without Notifier: sudo sh ./b9install.sh –n

Notes:

  • This procedure (and any installation involving b9install.sh) should be used only when the Linux Agent is otherwise fully removed from the endpoint.
  • If using Secure Boot, please follow these instructions instead:

Attachments

20413_bit9cs_sha2.asc.zip get_app
Powered by Wolken Software