Instalasi ESET Protect – RHEL 7.x Tambahkan repo EPEL
yum install epel-release
Tambahkan repository MySQL 5.7
rpm -Uvh http://dev.mysql.com/get/mysql57-community-release-el7-7.noarch.rpm yum localinstall https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2022
Update OS
yum update
Install Dependencies RHEL 7.x
yum install -y wget lshw mysql-community-server mysql-connector-odbc xorg-x11-server-Xvfb cifs-utils krb5-workstation samba samba-winbind-clients openldap-clients net-snmp-utils net-snmp policycoreutils-devel java-1.8.0-openjdk tomcat qt4-webkit links yum-plugin-versionlock httpd setroubleshoot-server mod_ssl cyrus-sasl-gssapi cyrus-sasl-ldap xauth
note : Pastikan untuk mysql install versi 5.7.
Downgrade ODBC ke versi 5.3.10
yum downgrade mysql-connector-odbc-5.3.10
Lock Mysql Component agar tidak upgrade
yum versionlock mysql-*
Start MySQL
systemctl start mysqld
Ambil random root password
grep 'A temporary password is generated for root@localhost' /var/log/mysqld.log |tail -1
Buat password MySQL
mysql_secure_installation
# Edit Konfigurasi MySQL vi /etc/my.cnf
# Tambahkan di bawah [mysqld] dengan konfigurasi berikut
#ESET Requirement max_allowed_packet = 500M innodb_log_file_size = 100M innodb_log_files_in_group = 4
Restart MySQ systemctl restart mysqld
Set MySQL agar start saat OS Restart
systemctl enable mysqld
Download ERA war ( Web-console )
wget https://download.eset.com/com/eset/apps/business/era/webconsole/latest/era.war
Kopi file ESET Protect Console cp era.war /var/lib/tomcat/webapps/
Restart Service Tomcatsystemctl restart tomcat
Set Tomcat agar start saat OS Restart systemctl enable tomcat
Download package server-linux, Agent-linux, RDSensor-Linux untuk link installer : https://www.eset.com/us/business/download/eset-protect/#standalone
#Download package ESET Protect pastikan sesuai berdasarkan OS.
wget https://download.eset.com/com/eset/apps/business/era/server/linux/latest/server-linux-x86_64.sh
wget https://download.eset.com/com/eset/apps/business/era/agent/latest/agent-linux-x86_64.sh
wget https://download.eset.com/com/eset/apps/business/era/rdsensor/latest/rdsensor-linux-x86_64.sh
# Ubah permission installer agar bisa di install chmod +x server-linux-x86_64.sh agent-linux-x86_64.sh mdmcore-linux-x86_64.sh rdsensor-linux-x86_64.sh
NOTE : Package installer mdm untuk install ESET mobile. jika tidak di install untuk mobile bisa di skip bagian MDM.
# Install ESMC Server ( sesuaikan dengan password mysql, password yang akan dipakai login ESMC )
./server-linux-x86_64.sh --skip-license --db-driver="MySQL ODBC 5.3 Unicode Driver" --db-hostname=127.0.0.1 --db-port=3306 --db-admin-username=root --db-admin-password=mysqlpassword --server-root-password="Passwordlogin" --db-user-username=root --db-user-password=mysqlpassword --cert-hostname="*" --enable-imp-program
# Coba Akses ESET Protect Webconsole silakan lanjutkan tahap Openfirewallhttp://IP_ADDRES_ATAU_HOSTNAME:8080/era
# Backup Certificate
#https://help.eset.com/esmc_admin/70/en-US/export_a_public_key.html
#https://help.eset.com/esmc_admin/70/en-US/export_a_public_key.html?export_certificate.html
# Install Agent (sesuaikan dengan password login ESET Protect yang telah dibuat Sebelumnya)
./agent-linux-x86_64.sh --skip-license --hostname=localhost --port=2222 --webconsole-hostname=localhost --webconsole-port=2223 --webconsole-user=administrator --webconsole-password="passwordlogin" --cert-auto-confirm --enable-imp-program
Install RDSensor
./rdsensor-linux-x86_64.sh --skip-license
Open Port Firewall (silakan skip jika tidak terinstall)
firewall-cmd --zone=public --add-port=2222/tcp --permanent firewall-cmd --zone=public --add-port=2223/tcp --permanent firewall-cmd --zone=public --add-port=8080/tcp --permanent firewall-cmd --zone=public --add-port=139/tcp --permanent firewall-cmd --zone=public --add-port=445/tcp --permanent firewall-cmd --zone=public --add-port=137/udp --permanent firewall-cmd --zone=public --add-port=138/udp --permanent firewall-cmd --zone=public --add-port=1237/udp --permanent firewall-cmd --zone=public --add-port=1238/udp --permanent
# Jika Spesifik
firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" port port="8080" protocol="tcp" accept' --permanent firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" port port="3128" protocol="tcp" accept' --permanent firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.2.0/24" port port="2222" protocol="tcp" accept' --permanent firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.2.0/24" port port="2223" protocol="tcp" accept' --permanent
Enable startup firewall systemctl reload firewalld
Install OPTIONAL Jika lisensi Minimal EEPS/EEPA
#Bahan yang diperlukan
#- export certificate agent dari ESMC
#- buat certificate mdm baru di ESMC lalu export dalam bentuk pfx
# Install MDM (pastikan mdm hostnamenya FQDN yang sifatnya public, untuk mysql password dan console password disamakan dengan ESMC yang telah dibuat sebelumnya)
./MDMCore-Linux-x86_64.sh --https-cert-path=PATH_Certificate_MDM_ESMC --port=2222 --db-type="MySQL" --db-driver="MySQL ODBC 5.3 Unicode Driver" --db-admin-username="root" --db-admin-password=PASSWORD_MYSQL --db-user-password=PASSWORD_MYSQL --db-hostname="127.0.0.1" --hostname=IP_ESMC --webconsole-password=PASSWORD_LOGIN_WEB_ESMC --cert-auto-confirm --mdm-hostname=FQDN_MDM --skip-license --enable-imp-program
Jika Upgrade dari versi sebelumnya
./MDMCore-Linux-x86_64.sh --hostname=IP_ESMC --webconsole-password=PASSWORD_LOGIN_WEB_ESMC --mdm-hostname=FQDN_MDM --https-cert-path=PATH_Certificate_MDM_ESMC --skip-license --enable-imp-program
Open Port Firewall(silakan skip jika tidak terinstall)
firewall-cmd --zone=public --add-port=9977/tcp --permanent firewall-cmd --zone=public --add-port=9978/tcp --permanent firewall-cmd --zone=public --add-port=9980/tcp --permanent firewall-cmd --zone=public --add-port=9981/tcp --permanent firewall-cmd --zone=public --add-port=9981/tcp --permanent firewall-cmd --zone=public --add-port=5223/tcp --permanent firewall-cmd --zone=public --add-port=2195/tcp --permanent firewall-cmd --zone=public --add-port=2196/tcp --permanent
# Tes Mobile Device Connector jika anda menginstall MDM
https://IP_ADDRESS_ATAU_HOSTNAME:9980/
#Info lebih lengkap
http://kb.eset.co.id
https://help.eset.com/protect_install/80/en-US/installation.html
https://support.eset.com/