Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Carbon Black Cloud: How to Install the Sensor on Linux Environments With Proxies

Carbon Black Cloud: How to Install the Sensor on Linux Environments With Proxies

Environment

  • Carbon Black Cloud Sensor: 2.x and higher
  • Linux: All supported versions

Objective

To deploy the Carbon Black Cloud sensor on a Linux environment with proxies

Resolution

To install with Proxy support, starting from Linux sensor version 2.11.1 and higher, a proxy domain or IP and port can be specified at install  
 
sudo cb-psc-install/install.sh [-p 'proxyhost:proxyport'] '<COMPANY_CODE>'


Example install command:

sudo cb-psc-install/install.sh -p 'MyProxyHostName:8080' 'AB123456789CD'
Note:
  • proxyhost can be either a domain name or IP and proxyport is the proxy's listening port
  • --proxy may be used in place of -p if so desired, but both have the same meaning
  • Replace 'cb-psc-install' with the location of the install script on the device




For sensors versions prior to 2.11.1, follow the steps below:

  1. Run the install script without the company code
sudo ./install.sh
  1.  Add (append) the following values to /var/opt/carbonblack/psc/cfg.ini (replace dev-prod0x with the corresponding backend domain)
echo 'BackendServer=https://dev-prod0x.conferdeploy.net' | sudo tee -a /var/opt/carbonblack/psc/cfg.ini
echo 'ProxyServer=IP_Address:Port' | sudo tee -a /var/opt/carbonblack/psc/cfg.ini
  1. Populate the company code enclosing the company code in single quotes (use the 19-character-long alphanumeric code), this will populate the line "CompanyCode" in cfg.ini with the corresponding code
sudo /opt/carbonblack/psc/bin/cbagentd -d 'company_registration_code'
  1. Confirm the changes took place
cat /var/opt/carbonblack/psc/cfg.ini
The cfg.ini file should look something similar to:
[customer]
PemFile=/var/opt/carbonblack/psc/cloud.pem
InstallPackageType=xxx
BackendServer=https://dev-prod0x.conferdeploy.net
ProxyServer=xxx.xxx.xxx.xxx:3128
CompanyCode=xxxxxxx
  1. Start the cbagentd daemon, for older systemV distros (RHEL/CentOS6)
service cbagentd start
OR for All distros except CentOS 6
systemctl start cbagentd
Upon registration the DeviceId value in cfg.ini should be populated

Additional Notes

Currently the CBC Linux sensor does not support authenticated proxies, CBC will include support for authenticated proxies in a future release (PSCLNX-455).

Related Content


Was this article helpful? Yes No
50% helpful (1/2)
Article Information
Author:
Creation Date:
‎09-09-2020
Views:
4657
Contributors