[go: up one dir, main page]
Scribd
Upload
37 views19 pages

Ad Batch Deployment Doc Eng

Uploaded by

franklin.segurid4d
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
37 views19 pages

Ad Batch Deployment Doc Eng

Uploaded by

franklin.segurid4d
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 19

Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain

Controller

Sangfor Endpoint Secure


Deploy Endpoint Secure Agent via
AD Domain Controller

Document Version 01

Released on Jan. 24, 2022

Version 01 (Mar.24, 2021) 1


Confidentiality:
Public in Company
Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Version 01 (Jul.06, 2021) 2


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Copyright © Sangfor Technologies Inc. 2022. All rights reserved.

Unless otherwise stated or authorized, Sangfor Technologies Inc.


(hereinafter referred to as "Sangfor") and its affiliates reserve
all intellectual property rights, including but not limited to
copyrights, trademarks, patents, and trade secrets, and related
rights to text, images, pictures, photographs, audio, videos,
charts, colors, and layouts as presented in or concerning this
document and content therein. Without prior written consent of
Sangfor, this document and content therein must not be reproduced,
forwarded, adapted, modified or displayed or distributed by any
other means for any purpose.

Disclaimer

Products, services or features described in this document,


whether wholly or in part, may be not within your purchase scope
or usage scope. The products, services or features you purchase
must be subject to the commercial contract and terms as agreed by
you and Sangfor. Unless otherwise provided in the contract,
Sangfor disclaims warranties of any kind, either express or
implied, for the content of this document.

Due to product version upgrades or other reasons, the content of


this document will be updated from time to time. Unless otherwise
agreed, this document is used for reference only, and all
statements, information, and recommendations therein do not
constitute any express or implied warranties.

Version 01 (Jan. 24, 2022)


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Technical Support
For technical support, please visit:
https://www.sangfor.com/en/about-us/contact-us/technical-
support

Send information about errors or any product related problem


to tech.support@sangfor.com.

Version 01 (Jan. 24, 2022) 1


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

About This Document


This document describes the Endpoint Secure (aES) Agent
deployment via AD Domain Controller.

Intended Audience
This document is intended for:
 Network Engineer

 Network Administrator

Note Icons
English Icon Description

Indicates an imminently hazardous situation that, if not avoided, will result


in death or serious injury.

Indicates a potentially hazardous situation that, if not avoided, could result


in death or serious injury.

Indicates a hazardous situation, which if not avoided, could result in minor


or moderate injury.

Indicates a hazardous situation, which if not avoided, could result in


settings failing to take effect, equipment damage, or data loss.
NOTICE addresses practices not related to personal injury.

Calls attention to important information, best practices, and tips.


NOTE addresses information not related to personal injury or equipment
damage.

Change Log
Date Change Description

Jan.24, 2022 This is the first release of this document.

Version 01 (Jan. 24, 2022) 2


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Contents
Technical Support ................................................1
Change Log ....................................................... 2
1.1 Scenario ................................................. 4
2 Procedures ..................................................... 4
3 Verification of installation results ......................... 13
4 Notes ......................................................... 15

Version 01 (Jan. 24, 2022) 3


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

1 Background
1.1 Scenario
The customer already has a Microsoft AD domain controller
in the LAN, and all endpoints are connected to the domain
controller for unified management. The group policy is
pushed down from the domain controller to install Endpoint
Secure Agent automatically and silently after endpoints get
started.

The traditional approach of pushing MSI packages fails in some

environments because of format failure or policy pushdown failure.

This document provides another script-based approach with a higher

success rate.

2 Procedures
Step 1. Download the installation package.

Download the installation package, and the deployment guide


is shown below.

The installer name is edr_installer_MGRIP_4430.exe. By


default, the MGRIP is set as the IP address of Endpoint
Secure Manager, and the port number will be automatically
obtained and updated. Please do not change the name.

Version 01 (Jan. 24, 2022) 4


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Version 01 (Jan. 24, 2022) 5


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Step 2. Create and edit a group policy. Log in to the


domain server, open the Group Policy Management console, find
Group Policy Objects, right-click and select New to create a
new GPO, as shown below.

Step 3. Enter the name for your new GPO, and then click
OK.

Version 01 (Jan. 24, 2022) 6


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Step 4. Select the newly created GPO and right-click and


select Edit.

Step 5. In Scripts (Startup/Shutdown), select Startup.

Version 01 (Jan. 24, 2022) 7


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Step 6. Click Show Files... to open the startup script


directory and place the installation package and the script
for pushing the package into this directory, as shown below.

Version 01 (Jan. 24, 2022) 8


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Step 7. Place the installation package and script into


this directory, as shown below.

Copy the path in the startup script directory address bar in


the above figure. This path will be used later.

Step 8. Use Notepad to open the edr.bat script and modify it as follows.

Modify the Route and EDR_EXE parameter values in the script.

Replace the Route value with the path you copied.

EDR_EXE is the program installation package name.

After you modified the script, save your changes, and close
the script.

Version 01 (Jan. 24, 2022) 9


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Step 9. Click Add to add a script.

Step 10. Click Browse to select a script.

Version 01 (Jan. 24, 2022) 10


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Step 11. Go to Machine > Scripts > Startup and paste the
edr.bat script (as shown in the figure below). Then, click
Open.

Step 12. There is no need to set script parameters.


Please click OK.

Version 01 (Jan. 24, 2022) 11


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Step 13. After the script is added, click OK.

Step 14. Right-click and select Link an Existing GPO to


establish a GPO link with your desired domain. (The
edr197.com as shown in the figure below).

Version 01 (Jan. 24, 2022) 12


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Step 15. Select the newly added GPO created in Step 4,


and then click OK to complete the deployment of the startup
script.

1. Endpoint Secure Agent will be automatically and silently installed


after endpoints get restarted and log in to the domain.

2. For the script deployment log, go to the path C:\Windows\Temp\ to


view flag.log.

3 Verification of installation
results
Reboot the test computer to verify the client push
installation. Open the Terminal PC Task Manager and check the
presence of the "Sangfor Defender Antivirus Service" process
indicating that the aES client is being installed.

Version 01 (Jan. 24, 2022) 13


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Version 01 (Jan. 24, 2022) 14


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

4 Notes
Installation suggestion: To avoid many endpoints downloading
Endpoint Secure Agent simultaneously and causing network
congestion, you need to limit the maximum number of endpoints
in a single bulk deployment to ensure installation stability.

1. If the bandwidth is 100 Mbps (12.5 MB/s), the maximum


bandwidth of each endpoint is 2 MB/s. It is recommended to
deploy 5 endpoints in a single bulk deployment, and 0.5
MB/s is reserved.
2. If the bandwidth is 1,000 Mbps (125 MB/s), the maximum
bandwidth of each endpoint is 2 MB/s. It is recommended to
deploy 60 endpoints in a single bulk deployment, and 5
MB/s is reserved.

Version 01 (Jan. 24, 2022) 15


Sangfor Endpoint Secure Deploy Endpoint Secure Agent via AD Domain
Controller

Version 01 (Jan. 24, 2022) 16

You might also like