VM Manual Probe Installation
  • 09 Oct 2024
  • 25 Minutes to read
  • Dark
    Light
  • PDF

VM Manual Probe Installation

  • Dark
    Light
  • PDF

Article summary

About this Article
This article provides steps to install Probe manually on VM using script or MSI installer(only for Windows).


Linux

Install VSP Probe using the below process:

  1. Download the files listed below from LFR:
    1. virsec.gpg.key from the directory: vsp
    2. vsp-<SKU>-vm.sh.gpg from the directory: vsp > Operating System > Version > Signed
  2. Execute the commands below:
    gpg --import virsec.gpg.key  #To import virsec key
    gpg --list-keys   #To verify by listing the available keys
    gpg --output vsp-<SKU>-vm.sh --decrypt vsp-<SKU>-vm.sh.gpg  #To un-sign the downloaded gpg file
    1. The above command creates an un-signed output file vsp-<SKU>-vm.sh in the same directory
  3. Using any browser, navigate to the directory vsp in Local Repository URL: 
    1. Version 2.8 to 2.11.x:https://<Local Repository URL>:8443
    2. Version 2.7http://<Local Repository URL>
  4. Execute the below commands:
    Shell
    sudo bash
    ./vsp_install_vm.sh -h  #To diplay Help menu
    ./vsp_install_vm.sh -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -l <LFR_IP> -n <Hostname> -L <LFR_Port> -s <SKU> -g
    1. The required parameters for the script are:
      ParameterDescription
      -c <CMS_IP>IP Address of CMS
      -l <LFR_IP>IP Address of LFR
      -s <SKU>Provide the required SKU. Allowed values are web, host, mem
  5. The optional parameters for the script are:
     
    Version 2.11 and Above:


    ParameterDescription
    -g <0 | 1>To specify the utilization of the signed scripts for installation of the specified SKU . Allowed Values are 0 (Default- use unsigned installer), 1 (use signed installer)
    -B <OS_Bit>Host OS Bit. Allowed values are 32, 64
    -C <CMS DNS Name>Custom DNS name for CMS. Default value is int.cms.virsec.com
    -e <0 | 1>To indicate Remote vRule configuration. Applicable only for Web SKU. Allowed Values are (Default - Do not Enable), (Enable). Do not provide this option for Remote vRule option
    -H <0 | 1>

    Entries are not added in the /etc/host file to resolve the LFR and CMS DNS names. Allowed values are 0 (Do not add), 1 (Default - add). If value "1" is used, ensure that the parameters -C and -K are provided 

    -i <Host_IP>IP Address of Probe (Host)
    -K <Kafka DNS Name>Custom DNS name for Kafka. Default value is vsp-kafka.virsec.
    If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
    Format: -K "<DNS_1>,<DNS_2>,<DNS_3>"
    -k  <VSP_Kafka_Node_IP>IP Address of Kafka. This parameter is required if CMS IP and Kafka IP are different.
    If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
    Format: -k "<IP_1>,<IP_2>,<IP_3>"
    -L <LFR_Port>

    VSP LFR Port. Default Port is 8443. This is not applicable in case of SaaS CMS

    -m <0 | 1>To install CPM. Allowed values are 1 (Enable), 0 (Default - Disable)
    -n <Hostname>Hostname of the Probe. This is utilized during probe registration with CMS
    -o <Host_OS>To specify the Operating System. Allowed values are: rhel, ubuntu, debian_stretch, debian_buster, amazonlinux
    This parameter must be used along with "-V"
    For Oracle Linux 8, provide the value rhel for parameter “-o”
    -p <Host Profile Tags>

    Appropriate Host Profile Tag. A Host Profile Tag allows for an application instance to be auto-associated with a process profile on CMS

    -r <0 | 1>To restart VSP services after installation. Allowed values are 0 (Default - Do not start VSP services), 1 (start VSP services)
    -t <App Service Tags>List of comma-separated Application Service tags to enable a Probe to auto-associate with a CMS Application
    -U <0 | 1>To uninstall existing Probe services. Allowed values are 0 (Default - Do not uninstall), 1 (uninstall)
    -u <0 | 1>To uninstall existing Probe services and install the latest available version. Allowed values are 0 (Default - Do not uninstall), 1 (uninstall)
    -V <Host OS Version>To specify the version of the Operating System. This parameter must be used along with "-o"
    For Oracle Linux 8, provide the value 8 for the parameter “-V”
    -v <vsetting>To print Verbose information. Allowed values are 0 (INFO level), 1 (DEBUG level) and 2 (TRACE level)
    -W <0 | 1>To uninstall CPM. Allowed values are 1 (Enable), 0 (Default - Disable)
    -w <0 | 1>To uninstall the existing CPM version and install a new version available on LFR. Allowed values are 1 (Enable), 0 (Default - Disable)
    -X <0 |1>To set the password to stop/modify a service using VSP-CLI utility. Allowed values are 0 (Default - Do not Prompt), 1 (Prompt). When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
    -x <password>To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
    Version 2.10 and Below:


    ParameterDescription
    -gTo specify the utilization of the signed scripts for installation of the specified SKU
    -B <OS_Bit>Host OS Bit. Allowed values are 32, 64
    -C <CMS DNS Name>Custom DNS name for CMS. Default value is int.cms.virsec.com
    -eTo indicate Remote vRule configuration. Applicable only for Web SKU. Do not provide this option for Remote vRule option
    -H

    Entries are not added in the /etc/host file to resolve the LFR and CMS DNS names. If this parameter is used, ensure that the parameters -C and -K are provided 

    -i <Host_IP>IP Address of Probe (Host)
    -K <Kafka DNS Name>Custom DNS name for Kafka. Default value is vsp-kafka.virsec.
    If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
    Format: -K "<DNS_1>,<DNS_2>,<DNS_3>"
    -k  <VSP_Kafka_Node_IP>IP Address of Kafka. This parameter is required if CMS IP and Kafka IP are different.
    If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
    Format: -k "<IP_1>,<IP_2>,<IP_3>"
    -L <LFR_Port>

    VSP LFR Port. Default Port is:

    Versions 2.8 and Above: 8443

    Version 2.780

    -n <Hostname>Hostname of the Probe. This is utilized during probe registration with CMS
    -o <Host OS>To specify the Operating System. Allowed values are: rhel, ubuntu, debian_stretch, debian_buster, amazonlinux (Version 2.10) | az_linux (Version 2.9 and Below)
     This parameter must be used along with "-V"
    Version 2.9 and 2.10 - For Oracle Linux 8, provide the value rhel for parameter “-o”
    -p <Host Profile Tags>

    Appropriate Host Profile Tag. A Host Profile Tag allows for an application instance to be auto-associated with a process profile on CMS

    -rTo restart VSP services after installation. They are not restarted by default
    -tList of comma-separated Application Service tags to enable a Probe to auto-associate with a CMS Application
    -UTo uninstall existing Probe services
    -uTo uninstall existing Probe services and install the latest available version
    -v <vsetting>To print Verbose information. Allowed values are 0 (INFO level), 1 (DEBUG level) and 2 (TRACE level)
    -XTo set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
    -x <password>To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
    -V <Host OS Version>To specify the version of the Operating System. This parameter must be used along with "-o"
    Version 2.9 and 2.10 - For Oracle Linux 8, provide the value 8 for the parameter “-V” 
  6. Alternatively, to install a specific SKU, follow the steps below:
    sudo bash
    chmod +x vsp-<SKU>-vm.sh
    ./vsp-<SKU>-vm.sh -h  #To view Help menu
    ./vsp-<SKU>-vm.sh -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -n <Hostname> -o <Host_OS> -V <Host_OS_Version> -r

    The required parameters for the script are:

    ParameterDescription
    -c <CMS_IP>IP Address of CMS
    -i <Host_IP>IP Address of Probe (Host)
    -k <VSP_Kafka_Node_IP>IP Address of Kafka
    -n <Hostname>Hostname of the Probe. This is utilized during probe registration with CMS
    -o <Host_OS>Operating System of the Probe
    -rTo start VSP services after Installation
    -V <Host_OS_Version>Operating System Version of the Probe
  7. Optional Parameter to install specific SKU
    ParameterDescription
    -eTo indicate Remote vRule configuration. Do not provide this option for Remote vRule option
    -XTo set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
    -xTo extract the tar file and exit
    -yTo set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
  8. At the end of the installation, the installed probe instance automatically registers with VSP CMS and a restart of the server is NOT required if the parameter -r is provided during installation
  9. If the parameter -r is not provided during installation, restart the services using the below command:
    service vsp start
  10. For container-based CMS instance, restart the VSP services in Ubuntu and RHEL Probe instances using the below command:
    service vsp restart
  11. Verification: In CMS, navigate to Deploy > Probes and verify that the Probe server is listed and in Connected state


Windows 2008 and Above using Script

NOTE
VSP is not supported for hosts running hypervisor: Hyper-V

Pre-requisites

To install VSP Probe on Windows server, ensure that:

  1. PowerShell is installed
  2. The below packages are automatically installed during Probe installation 
    1. VC_redist.x86.exe
    2. VC_redist.x64.exe
  3. For Windows 2008, the Patch: Security Update for Microsoft Windows (KB4474419) is installed. Use the link below to install the required patch:
    https://www.catalog.update.microsoft.com/search.aspx?q=kb4474419  

Probe Installation

  1. Using any browser, navigate to the directory vsp in Local Repository URL:
    1. Version 2.8 to 2.11 https://<Local Repository URL>:8443
    2. Version 2.7http://<Local Repository URL>
  2. To install all the available SKUs (VSP-Enterprise, VSP-Web, VSP-Memory and VSP-Host), download vsp_install_vm.bat to the server
    1. Execute the below commands at the command prompt as an Administrator
      vsp_install_vm.bat -U  #To uninstall Previous version of VSP
      vsp_install_vm.bat -h  #To view the help menu
      vsp_install_vm.bat -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -l <LFR_IP> -s <SKU>

      The required parameters for the script are:

      ParameterDescription
      -c <CMS_IP>IP Address of CMS
      -l <LFR_IP>IP Address of LFR
      -s <SKU>
      Version 2.10 and Below
      Provide the required SKU. Allowed values are web, host, mem
    2. Make a note of the displayed token for future use during password reset
    3. Optional Parameters to install all SKUs
       
      Version 2.11 and Above:


      ParameterDescription
      -C <CMS DNS Name>Custom DNS name for CMS. Default value is int.cms.virsec.com
      -e <0 | 1>To indicate Remote vRule configuration. Applicable only for full installation. Allowed values are 0 (Default - Do not Enable), 1 (Enable). Do not provide this option for Remote vRule option
      -H <0 | 1>

      Entries are not added in the /etc/host file to resolve the LFR and CMS DNS names. Allowed values are 0 (Do not add), 1 (Default - add). If value "1" is used, ensure that the parameters -C and -K are provided 

      -i <Host_IP>IP Address of Probe (Host)
      -K <Kafka DNS Name>Custom DNS name for Kafka. Default value is vsp-kafka.virsec.
      If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
      Format: -K "<DNS_1>,<DNS_2>,<DNS_3>"
      -k  <VSP_Kafka_Node_IP>IP Address of Kafka. This parameter is required if CMS IP and Kafka IP are different.
      If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
      Format: -k "<IP_1>,<IP_2>,<IP_3>"
      -L <LFR_Port>

      VSP LFR Port. Default Port is 8443. This is not applicable in case of SaaS CMS

      -m <0 | 1>To install CPM. Allowed values are 1 (Enable), 0 (Default - Disable)
      -n <Hostname>Hostname of the Probe. This is utilized during probe registration with CMS
      -O <0 | 1>To install HOST-ONLY features. Allowed Values are 0 (complete installation) or 1 (Host only installation). Default value is 0
      -p <Host Profile Tags>

      Appropriate Host Profile Tag. A Host Profile Tag allows for an application instance to be auto-associated with a process profile on CMS

      -r <0 | 1>To restart VSP services after installation. Allowed values are 0 (Default - Do not start VSP services), 1 (start VSP services)
      -t <App Service Tags>List of comma-separated Application Service tags to enable a Probe to auto-associate with a CMS Application
      -U <0 | 1>To uninstall existing Probe services. To uninstall existing Probe services. Allowed values are 0 (Default - Do not uninstall), 1 (uninstall)
      -u <0 | 1>To uninstall existing Probe services and install the latest available version. Allowed values are 0 (Default - Do not uninstall), 1 (uninstall)
      -v <vsetting>To print Verbose information. Allowed values are 0 (INFO level), 1 (DEBUG level) and 2 (TRACE level)
      -W <0 | 1>To uninstall CPM. Allowed values are 1 (Enable), 0 (Default - Disable)
      -w <0 | 1>To uninstall the existing CPM version and install a new version available on LFR. Allowed values are 1 (Enable), 0 (Default - Disable)
      -X <0 | 1>To set the password to stop/modify a service using VSP-CLI utility. Allowed values are 0 (Default - Do not Prompt), 1 (Prompt). When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
      -x <Password>To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
      -z <SKU_Zip_File_Path>Path of the zip file of VSP SKU package
      Version 2.10 and Below:


      ParameterDescription
      -C <CMS DNS Name>Custom DNS name for CMS. Default value is int.cms.virsec.com
      -eTo indicate Remote vRule configuration. Only applicable for all SKU. Do not provide this option for Remote vRule option
      -H

      Entries are not added in the /etc/host file to resolve the LFR and CMS DNS names. If this parameter is used, ensure that the parameters -C and -K are provided 

      -i <Host_IP>IP Address of Probe (Host)
      -K <Kafka DNS Name>Custom DNS name for Kafka. Default value is vsp-kafka.virsec.
      If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
      Format: -K "<DNS_1>,<DNS_2>,<DNS_3>"
      -k  <VSP_Kafka_Node_IP>IP Address of Kafka. This parameter is required if CMS IP and Kafka IP are different.
      If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
      Format: -k "<IP_1>,<IP_2>,<IP_3>"
      -L <LFR_Port>

      VSP LFR Port. Default Port is:

      Versions 2.8 and Above: 8443

      Version 2.780

      -n <Hostname>Hostname of the Probe. This is utilized during probe registration with CMS
      -p <Host Profile Tags>

      Appropriate Host Profile Tag. A Host Profile Tag allows for an application instance to be auto-associated with a process profile on CMS

      -q <Kafka_container_Port>
      Version 2.9 and Below
      VSP Kafka Port (Default port is 9092)
      -rTo restart VSP services after installation. They are not restarted by default
      -tList of comma-separated Application Service tags to enable a Probe to auto-associate with a CMS Application
      -UTo uninstall existing Probe services
      -uTo uninstall existing Probe services and install the latest available version
      -v <vsetting>To print Verbose information. Allowed values are 0 (INFO level), 1 (DEBUG level) and 2 (TRACE level)
      -XTo set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
      -x <Password>To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
      -z <SKU_Zip_File_Path>Path of the zip file of VSP SKU package
    4. Make a note of the displayed token for future use during password reset (If password is configured for VSP-CLI Utility)
  3. If the parameter -r is provided during installation, the installed probe instance uired if the parameter -r is provided during installation
  4. If the parameter -r is not provided during installation, start the installed VSP ASI serviceProbe Start Service
  5. Verify that the VSP Probe is installed as a serviceVerify VSP Probe Service
  6. Verification: In CMS, navigate to Deploy > Probes and verify that the Probe server is listed and in Connected state


Windows 2003 using Script

NOTE
  • For Windows 2003 servers:
    • Unverified Process with long directory or process name is not blocked
    • "Access denied" message is not displayed when a process is blocked
    • Zero-Dwell Time Protection is not available. Contact Virsec Technical representative for more information


Supported VSP Features

  1. For Windows 2003
    1. Only the Core license features - Executable Allowlisting and AppControl Policies are supported
    2. Other features – File System Monitoring, Memory Exploit Protection, Buffer Error Protection and Web Application Protection are not supported
    3. VSP is not supported for hosts running hypervisor: Hyper-V
    4. Out of the box protection actions are not available
    5. Probe Password protection feature is not available

Pre-requisites

To install VSP Probe on Windows server, ensure that:

  1. PowerShell is installed
  2. The below packages are installed:
    1. VC_redist.x86.exe
    2. VC_redist.x64.exe (Not applicable for Windows Server 2003 32 Bit Machines)

Probe Installation

  1. Using any browser, navigate to the directory vsp in Local Repository URL:
    1. Version 2.8 to 2.11https://<Local Repository URL>:8443
    2. Version 2.7http://<Local Repository URL>
  2. To install all the available SKUs (VSP-Enterprise, VSP-Web, VSP-Memory and VSP-Host), download vsp_install_vm.bat to the server
    1. Execute the below commands at the command prompt as an Administrator
      vsp_install_vm.bat -h #To view the Help menu
      vsp_install_vm.bat -c <CMS_IP> -i <Host_IP> -k <VSP_Kafka_Node_IP> -l <LFR_IP> -s <SKU>

      The required parameters for the script are:

      ParameterDescription
      -c <CMS_IP>IP Address of CMS
      -l <LFR_IP>IP Address of LFR
      -s <SKU>
      Version 2.10 and Below
      Provide the required SKU. Allowed values are web, host, mem
    2. Make a note of the displayed token for future use during password reset
    3. Optional Parameters to install all SKUs
       
      Version 2.11 and Above:


      ParameterDescription
      -C <CMS DNS Name>Custom DNS name for CMS. Default value is int.cms.virsec.com
      -e <0 | 1>To indicate Remote vRule configuration. Applicable only for web SKU. Allowed Values are (Default - Do not Enable), (Enable). Do not provide this option for Remote vRule option
      -H <0 | 1>

      Entries are not added in the /etc/host file to resolve the LFR and CMS DNS names. Allowed values are 0 (Do not add), 1 (Default - add). If value "1" is used, ensure that the parameters -C and -K are provided 

      -i <Host_IP>IP Address of Probe (Host)
      -K <Kafka DNS Name>Custom DNS name for Kafka. Default value is vsp-kafka.virsec.
      If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
      Format: -K "<DNS_1>,<DNS_2>,<DNS_3>"
      -k  <VSP_Kafka_Node_IP>IP Address of Kafka, This parameter is required if CMS IP and Kafka IP are different.
      If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
      Format: -k "<IP_1>,<IP_2>,<IP_3>"
      -L <LFR_Port>

      VSP LFR Port. Default Port is 8443. This is not applicable in case of SaaS CMS

      -m <0 | 1>To install CPM. Allowed values are 1 (Enable), 0 (Default - Disable)
      -n <Hostname>Hostname of the Probe. This is utilized during probe registration with CMS
      -O <0 | 1>To install HOST-ONLY features. Allowed Values are 0 (complete installation) or 1 (Host only installation). Default value is 0
      -p <Host Profile Tags>

      Appropriate Host Profile Tag. A Host Profile Tag allows for an application instance to be auto-associated with a process profile on CMS

      -r <0 | 1>To restart VSP services after installation. Allowed values are 0 (Default - Do not start VSP services), 1 (start VSP services)
      -t <Application Service tags>List of comma-separated Application Service tags to enable a Probe to auto-associate with a CMS Application
      -U <0 | 1>To uninstall existing Probe services. Allowed values are 0 (Default - Do not uninstall), 1 (uninstall)
      -u <0 | 1>To uninstall existing Probe services and install the latest available version. Allowed values are 0 (Default - Do not uninstall), 1 (uninstall)
      -v <vsetting>To print Verbose information. Allowed values are 0 (INFO level), 1 (DEBUG level) and 2 (TRACE level)
      -W <0 | 1>To uninstall CPM. Allowed values are 1 (Enable), 0 (Default - Disable)
      -w <0 | 1>To uninstall the existing CPM version and install a new version available on LFR. Allowed values are 1 (Enable), 0 (Default - Disable)
      -X (Not Applicable for Windows 2003)To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
      -x (Not Applicable for Windows 2003)To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
      -z <SKU_Zip_File_Path>Path of the zip file of VSP SKU package
      Version 2.10 and Below:


      ParameterDescription
      -C <CMS DNS Name>Custom DNS name for CMS. Default value is int.cms.virsec.com
      -eTo indicate Remote vRule configuration. only applicable for all SKU. Do not provide this option for Remote vRule option
      -H

      Entries are not added in the /etc/host file to resolve the LFR and CMS DNS names. If this parameter is used, ensure that the parameters -C and -K are provided 

      -i <Host_IP>IP Address of Probe (Host)
      -K <Kafka DNS Name>Custom DNS name for Kafka. Default value is vsp-kafka.virsec.
      If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
      Format: -K "<DNS_1>,<DNS_2>,<DNS_3>"
      -k  <VSP_Kafka_Node_IP>IP Address of Kafka, This parameter is required if CMS IP and Kafka IP are different.
      If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
      Format: -k "<IP_1>,<IP_2>,<IP_3>"
      -L <LFR_Port>

      VSP LFR Port. Default Port is:

      Versions 2.8 and Above: 8443

      Version 2.780

      -n <Hostname>Hostname of the Probe. This is utilized during probe registration with CMS
      -p <Host Profile Tags>

      Appropriate Host Profile Tag. A Host Profile Tag allows for an application instance to be auto-associated with a process profile on CMS

      -q <Kafka_container_Port>
      Version 2.9 and Below
      VSP Kafka Port (Default port is 9092)
      -rTo restart VSP services after installation. They are not restarted by default
      -tList of comma-separated Application Service tags to enable a Probe to auto-associate with a CMS Application
      -UTo uninstall existing Probe services
      -uTo uninstall existing Probe services and install the latest available version
      -v <vsetting>To print Verbose information. Allowed values are 0 (INFO level), 1 (DEBUG level) and 2 (TRACE level)
      -X (Not Applicable for Windows 2003)To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the user is prompted to provide the password (this method is preferred due to security reasons). A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
      -x (Not Applicable for Windows 2003)To set the password to stop/modify a service using VSP-CLI utility. When this parameter is used, the password must be provided along with the command. A valid password must be 16 (minimum) – 511 (maximum) characters in length and must have alphanumeric characters in both upper and lower cases
      -z <SKU_Zip_File_Path>Path of the zip file of VSP SKU package
  3. If the parameter -r is provided during installation, the installed probe instance automatically registers with VSP CMS and a restart of the server is NOT required 
  4. If the parameter -r is not provided during installation, start the installed VSP ASI service Probe 2003 Services
  5. Verify VSP Probe is installed as a service
  6. Verification: In CMS, navigate to Deploy > Probes and verify that the Probe server is listed and in Connected state
NOTE
For any publisher trust issues on Windows 2003, refer to the Troubleshooting article for the recommended actions


Windows using MSI Installer

NOTE
Along with the .msi file, a Windows help file (vsp_msi.chm) is also provided to describe the usage of the .msi file. Ensure that this file is “unblocked” the first time it is opened. If not, the help content is not visible. To unblock, right-click the file vsp_msi.chm, select properties and enable the checkbox or click the button Unblock


Installation

There are two methods of installation available

  1. Quiet Installation – Command line method of installation
  2. UI-based Installation

Quiet Installation

  1. Pre-requisites:
    1. Ensure that the below packages are installed. They are included as part of the downloaded .zip file:
      1. VC_redist.x86.exe
      2. VC_redist.x64.exe (Not applicable for Windows Server 2003 32 Bit Machines)
    2. For Windows 2008, the Patch: Security Update for Microsoft Windows (KB4474419) is installed. Use the link below to install the required patch: https://www.catalog.update.microsoft.com/search.aspx?q=kb4474419  
  2. Install the VC_redist packages, using the below steps:
    1. Open Command Prompt (Run as an Administrator) and navigate to the directory with the file vsp.msi
    2. For installation of VC_redist.x64.exe, execute the below command:
      Shell
      start /wait VC_redist.x64.exe /q /norestart /l*v logs.txt
    3. For installation of VC_redist.x86.exe, execute the below command: (Not applicable for Windows Server 2003 32 Bit Machines):
      Shell
      start /wait VC_redist.x86.exe /q /norestart /l*v logs.txt
  3. Version 2.11 and AboveDuring installation, it can be specified if the entire Probe package must be installed or Host only features must be installed
    1. In LFR, navigate to the directory: Windows > <OS_Version>. There are two directories specified for OS_Version:
      1. Windows 2003
      2. Windows 2008-22
    2. Download the .zip file and unzip it
  4. Version 2.10 and Below: Install a specific SKU, download the relevant .zip file 
    1. In LFR, navigate to the directory: Windows > <OS_Version>
    2. SKU: Select the appropriate file with web (VSP-Enterprise, VSP-Web), memory (VSP-Memory) and host (VSP-Host) in its name
    3. The file name format is: vsp-<SKU>-vm.zip. Unzip the file
  5. Open a command prompt window as an Administrator
  6. Navigate to the directory where the file VSP.msi is downloaded
  7. Execute the command:
    Shell
    start /wait msiexec /i VSP.msi /qn /norestart CMS_IP=<CMS_IP> ACCEPTEULA=1 /l*v c:\vsp_installermsi.log
  8. The Parameters for the script are
    ParameterDescription
    ACCEPTEULAFor quiet installation, defines acceptance to the license agreement. Expected value: 1
    CMS_IPIP Address of CMS
    Optional Parameters
    HOST_IPIP Address of Host
    KAFKA_IPIP Address of Kafka. If it is not specified, CMS_IP will be used as KAFKA_IP. It not required if NO_HOST_ENTRY is used
    LFR_IPIP Address of LFR is required if it is different from the CMS IP Address or if LFR is hosted in Kubernetes. If not specified, CMS IP address is utilized
    KAFKA_PORTVSP Kafka Port (Default port is 9092)
    HOST_NAMEThe hostname of the Application Instance. This is utilized during probe registration with CMS
    CMS_DNS_NAMECustom DNS name for CMS. Default value is int.cms.virsec.com
    KAFKA_DNS_NAMECustom DNS name for Kafka. Default value is vsp-kafka.virsec.
    If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
    Format: "<DNS_1>,<DNS_2>,<DNS_3>"
    ENABLE_REMOTE_AETo indicate Remote vRule configuration.
    Default value is 0
    Expected values are 0 (Disable) or 1 (Enable)
    START_VSP_SERVICETo start VSP services after Installation
     Default value is 0
     Expected values are 0 (Not started) or 1 (Started)
    NO_HOST_ENTRYEntries are not added in the file /etc/host to resolve the LFR and CMS DNS names. If this parameter is used, ensure that the parameters -C and -K are provided
     Default value is 0
     Expected values are 0 (Entries added) or 1 (Not added)
    VSP_CLI_PASSWORD(Not applicable for Windows 2003) Specify password for the vsp-cli utility. Password must have a length of 16 (minimum) - 511 (maximum) characters and atleast one character from each group: [a-z][A-Z][0-9]
    HOST_PROFILE_TAGA Host Profile Tag allows for an application instance to be auto-associated with a process profile on CMS
    APP_SERVICE_TAGSList of app service tags separated by a comma;
    echo App service tags enable an Application Instance to be auto-associated with an application on CMS
    LOGLEVELTo print Verbose information. Allowed values are 0 (INFO level), 1 (DEBUG level) and 2 (TRACE level)
     Default value is 0; Example: LOGLEVEL=1
    HOST_ONLY
    Version 2.11 and Above
    Specify if only VSP Host features are required. Allowed value is: 1
    START_CPM_SERVICE
    Version 2.11 and Above
    To start/stop CPM services after Installation. Allowed Values are: 1 (Start; Default) and 0 (Stop)

  9. Version 2.11 and Above Sample commands:
    1. start /wait msiexec /i VSP.msi /qn /norestart CMS_IP=10.15.38.11 HOST_ONLY=1 ACCEPTEULA=1 START_VSP_SERVICE=1 VSP_CLI_PASSWORD="GhT890aRHjIkO9876" /l*v c:\vsp_installermsi.log
  10. Version 2.10 and Below Sample commands:
    1. start /wait msiexec /i VSP.msi /qn /norestart CMS_IP=10.15.38.11 ACCEPTEULA=1 START_VSP_SERVICE=1 VSP_CLI_PASSWORD="GhT890aRHjIkO9876" /l*v c:\vsp_installermsi.log
    2. start /wait msiexec /i VSP.msi /qn /norestart CMS_IP=10.15.38.11 ACCEPTEULA=1 KAFKA_IP=10.12.3.45 START_VSP_SERVICE=1 CMS_DNS_NAME=int.cms.virsec.com KAFKA_DNS_NAME=vsp-kafka.virsec /l*v c:\vsp_installermsi.log
  11. Verification: Execute the below command to verify if the installation was successful
    Shell
    if %ERRORLEVEL% NEQ 0 (echo "INSTALLATION FAILED") else (echo "INSTALLATION SUCCEEDED")

UI-based Installation

  1. Pre-requisites:
    1. Ensure that the below packages are installed. They are included as part of the downloaded .zip file:
      1. VC_redist.x86.exe
      2. VC_redist.x64.exe (Not applicable for Windows Server 2003 32 Bit Machines)
    2. For Windows 2008, the Patch: Security Update for Microsoft Windows (KB4474419) is installed. Use the link below to install the required patch: https://www.catalog.update.microsoft.com/search.aspx?q=kb4474419  
  2. Version 2.11 and AboveDuring installation, it can be specified if the entire Probe package must be installed or Host only features must be installed
    1. In LFR, navigate to the directory: Windows > <OS_Version>. There are two directories specified for OS_Version:
      1. Windows 2003
      2. Windows 2008-22
    2. Download the .zip file and unzip it
  3. Version 2.10 and Below: Install a specific SKU, download the relevant .zip file 
    1. In LFR, navigate to the directory: Windows > <OS_Version>
    2. SKU: Select the appropriate file with web (VSP-Enterprise, VSP-Web), memory (VSP-Memory) and host (VSP-Host) in its name
    3. The file name format is: vsp-<SKU>-vm.zip. Unzip the file
  4. Double-click VSP.msi with Administrator privileges and click Next on the Welcome screen
  5. Accept the License Agreement and click Next
  6. Provide the below information and click Next
    1. CMS IP - IP Address of VSP CMS
    2. No Host Entry – When enabled, entries are not added in the file /etc/host to resolve the LFR and CMS DNS names. If this parameter is used, ensure that the parameters -C and -K are provided
    3. Version 2.11 and Above: Host only feature - When enabled, only the Host features are installed. When disabled (default), all the VSP features are installed
  7. Provide the Optional Parameters if required and click Next
    ParametersDescription
    Host IPIP Address of Host
    Host NameThe hostname of the Application Instance. This is utilized during probe registration with CMS
    LFR_IPIP Address of LFR is required if it is different from the CMS IP Address or if LFR is hosted in Kubernetes. If not specified, CMS IP address is utilized
    CMS DNS NameCustom DNS name for CMS. Default value is int.cms.virsec.com
    Kafka IPIP Address of Kafka. If it is not specified, CMS_IP will be used as KAFKA_IP. It not required if NO_HOST_ENTRY is used
    Kafka DNS NameCustom DNS name for Kafka. Default value is vsp-kafka.virsec.
    If there are multiple values, ensure that they are comma-separated, enclosed in double-quotes and without any white spaces between them.
    Format: "<DNS_1>,<DNS_2>,<DNS_3>"c
    Kafka PortVSP Kafka Port (Default port is 9092)
    Host Profile TagA Host Profile Tag allows for an application instance to be auto-associated with a process profile on CMS
    App Service TagsList of app service tags separated by a comma; echo App service tags enable an Application Instance to be auto-associated with an application on CMS
    VSP CLI Password(Not applicable for Windows 2003Specify password for the vsp-cli utility. Password must have a length of 16 (minimum) - 511 (maximum) characters and atleast one character from each group: [a-z][A-Z][0-9]
    Enable Remote vRule Engine (Web Only)Select to indicate Remote vRule configuration
    Start VSP ServiceSelect to start VSP services after Installation
    Log LevelSelect one of the levels: INFO (Default), WARNING or ERROR
    Hide VSP in Control PanelSelect to Hide VSP listing in Control Panel

  8. Specify the directory for VSP installation and click Next
  9. Modify the feature if required. Click Next
  10. Click Install
  11. Once the installation is completed, an installation log file appears that states success or failure

Log Location

Logs related to the installation are placed in these locations:

  1. Post-Installation Operation Log - C:\vsp_installer.log 
  2. Installation operation Log - C:\vspinstall_ca.log 
  3. MSIEXEC Log - C:\vsp_installermsi.log  



Was this article helpful?