Install Kaspersky Endpoint Security for Linux on Red Hat 8

Install Kaspersky Endpoint Security for Linux on Red Hat 8
Install Kaspersky Endpoint Security for Linux on Red Hat 8

Install Kaspersky Endpoint Security on Red Hat 8 - Hello everyone, welcome to the kitsake.com blog. I hope you are all doing well and blessed with ease in everything, whether life or work. Amen.

On this occasion, I will discuss how to install Kaspersky Endpoint Security for Linux on Red Hat 8.

An antivirus is highly necessary and plays a crucial role within a server to maintain the security of the server itself, ensuring that the system remains healthy and protected from more significant issues caused by viruses.

Viruses come in various types, and by using a reliable, effective antivirus with regularly updated databases like Kaspersky, hopefully, the server will be secure and operate smoothly.

Installing this antivirus not only safeguards the server's security, but it's also a mandatory requirement for certain institutions conducting their business on Linux Red Hat 8 or other operating systems.

Preparation Before Installing Kaspersky

Alright, in this case, I'll provide an example using the installation of Kaspersky Endpoint Security for Linux (KESL) that is connected to the Kaspersky Security Center (KSC) server as the policy manager for its clients or the Red Hat 8 Server.

Install Kaspersky Total Security
Install Kaspersky Total Security

With the explanations accompanied by the images above, I hope you now understand my intention. Models like the one above are typically employed by institutions engaged in medium to large-scale business operations. Consequently, they possess their own Kaspersky Security Center (KSC) that will be managed by specific departments.

Through the connection of KSC, when you install Kaspersky, the activation code process will involve manual steps, usually employing commands on the machine. Alternatively, once connected to KSC, the Kaspersky license will activate automatically.

Step by Step Install Kaspersky Endpoint Security for Linux

Alright, now let's proceed to the more technical aspect, which is the main topic of this article: Installing Kaspersky Endpoint Security on Red Hat 8.

Kaspersky Download

The first step is that you can download Kaspersky Endpoint Security for Linux. Due to the lack of internet access on the server and possibly being prohibited by certain institutions, the server may need to use an offline installation method for installing anything.

To download, you can go to the official Kaspersky page here: Kaspersky Download. And what you need to download is:

  1. Kaspersky Endpoint Security for Linux
    Version 11.4.0.1096 | Red Hat Enterprise Linux x64 | Distributive
  2. Kaspersky Endpoint Security for Linux
    Version 11.3.0.7441 | Red Hat Enterprise Linux x64 | Network agent
Kaspersky Downloads
Kaspersky Downloads

Upload to Client Server Kaspersky

Once the installer has been downloaded, you can upload the file to the server where the installation will take place. In this case, I've already uploaded it using FTP and placed it in the home profile "kitsake".

Install Kaspersky Linux

Next, for installing Kaspersky Endpoint Security for Linux, I usually install the Network Agent first before the Kaspersky Installer Distributive or KESL. To do this, you can follow the commands below:

Install Network Agent

Before installation, I create a file called "autoanswer.conf" which will be used later when running the post-installation process.

# vi autoanswers.conf
KLNAGENT_SERVER=192.168.1.10
KLNAGENT_PORT=14000
KLNAGENT_SSLPORT=13000
KLNAGENT_USESSL=Y
KLNAGENT_GW_MODE=1

To install, you simply use the command "yum install" followed by the downloaded Network Agent .rpm file placed on the client-server. I also immediately added "-y" to automatically confirm the installation of the .rpm file.

# yum install klnagent64-14.0.0-4646.x86_64.rpm -y
Install Network Agent
Install Network Agent

The next step is to run "postinstall.pl" to read the policies provided by Kaspersky and input some required settings. One of the requirements is the content of the previously created "autoanswer. conf" file.

To run "postinstall.pl," use the following command and provide the option to call the configuration file "autoanswer. conf" that was created earlier:

# /opt/kaspersky/klnagent64/lib/bin/setup/postinstall.pl --auto
Please enter 'Y' to confirm that you accept the End User License
Agreement. You must accept the terms and conditions of the End
User License Agreement to install the application. Enter 'N'
providing you do not accept the End User License Agreement or
'R' to show it again [N]:
Y
Starting klnagent64:

Kaspersky Network Agent is installed.
Binaries were installed in /opt/kaspersky/klnagent64/bin

run postinstall.pl kasperky
run postinstall.pl kasperky

With the above steps completed, you have successfully installed the network agent of Kaspersky Endpoint Security for Linux. You can check the status of the network agent using the following method:

# /opt/kaspersky/klnagent64/bin/klnagchk

Install Distributive

Next, we will install KESL or the Distributive. The function of this .rpm is similar to an agent that executes tasks from the KSC sent to the Kaspersky client server.

To install it, you can follow the command below:

# yum install kesl-11.4.0-1096.x86_64.rpm -y
Install Distributive Kaspersky
Install Distributive Kaspersky

Once installed, proceed to the "kesl-setup.pl" section, starting from reading the agreement to the SELinux configuration.

To run "kesl-setup.pl," you can follow the command below:

# /opt/kaspersky/kesl/bin/kesl-setup.pl
Setting up the Anti-Malware Service default locale : Enter

Accepting the End User License Agreement (EULA) and Privacy Policy 
Press ENTER to display the EULA and Privacy Policy : Enter

I confirm that I have fully read, understand, and accept the terms and
conditions of this End User License Agreement [y/n]: y

I am aware and agree that my data will be handled and transmitted
(including to third countries) as described in the Privacy Policy. I
confirm that I have fully read and understand the Privacy Policy [y/n]: y

Configuring KSN 
I confirm that I have fully read, understand, and accept the terms and
conditions of the Kaspersky Security Network Statement (KSN Statement is
available here: '/opt/kaspersky/kesl/doc/ksn_license.en') [y/n]: y

Granting the Administrator role : Enter

Configuring filye interceptors

SELinux configuration : y

run kesl-setup.pl kasperky
run kesl-setup.pl kasperky

Restart-Service KESL & Network Agent

After being installed and configured by reading the agreement from Kaspersky on the client-server, it's advisable to restart both services using the following method:

# systemctl restart kesl.service; /opt/kaspersky/klnagent64/bin/klnagchk -restart

Configure on Kaspersky Security Center

During the initial installation, the Kaspersky antivirus on the client isn't fully functional. Configuration or adjustments need to be made within the Kaspersky Security Center.

The explanation above is also the same as the final output after you install Kaspersky Endpoint Security for Linux Distributive.

Configure on Kaspersky Security Center
Configure on Kaspersky Security Center

You are required to configure Kaspersky Endpoint Security for Linux through KSC. For the steps, you can follow the instructions below:

Open Kaspersky Security Center 

For servers newly installed with Kaspersky Endpoint Security for Linux, they will automatically enter the "Unassigned devices" folder within the Kaspersky Security Center.

I also need to move them to the server folder for better organization and to assign policies as needed by the clients within that folder.

Afterward, upon entering the server folder, you can observe the status as shown in the image below:

Open Kaspersky Security Center
Open Kaspersky Security Center

Yes, for the network agent, it's already fine with the "OK" status. However, the real-time protection is still marked as "critical." You can view the details by double-clicking on the respective server and checking in the "Protection" menu.

propeties of client-server kaspersky
propeties of client-server kaspersky

There, you will receive detailed reasons for why the status displayed in the KSC dashboard is critical. With this output, you will know what the next steps to take should be.

Update Database Kaspersky for Client Server

Once you understand the issue that the antivirus isn't functioning on the client-server due to "Database are not loaded" you need to execute the update task to instruct the Kaspersky client-server to update its database.

Go to the "Task" menu - Select "Update" - Click the Play icon - Wait until the process is complete.
Update Database Kaspersky for Client Server
Update Database Kaspersky for Client Server

Then, after the process is complete, you can review the details again to see if Kaspersky on the client is fully operational or not. You need to check this in the "Protection" menu.

Menu protection on kaspersky
Menu protection on kaspersky

Restart the KESL & Network Agent services on the Client Server

Again and again, we are required to restart both Kaspersky services on the client-server after configuration to ensure that Kaspersky Endpoint Security for Linux operates perfectly.

Yes, to restart, simply copy the command below:

# systemctl restart kesl.service; /opt/kaspersky/klnagent64/bin/klnagchk -restart

Restart-Service KESL & Network Agent
Restart-Service KESL & Network Agent

Check the Kaspersky Protection Status on the KSC Server

I went back to check directly on the dashboard of my development server folder to ensure that the installation was completed and integrated with KSC, marked by:

  • Real-time protection = Running
  • Status = OK/Visible
  • Network Agent is running = Yes

Check the Kaspersky Protection Status on the KSC Server
Status on the KSC Server

Closing statement

Yes, the above is what I can write and share with you about installing Kaspersky Endpoint Security for Linux on Red Hat 8.

Perhaps that's the extent of what I can share with you all. Hopefully, this article will prove to be helpful.

Thank you.

Bangkit Ade Saputra
Bangkit Ade Saputra At the end of the day, my job involves people. we're complicated, we're always changing, we have millions of things going on in our lives, and changing jobs is always a big decision.

Post a Comment for "Install Kaspersky Endpoint Security for Linux on Red Hat 8"