Cisco AMP for Endpoints - MSI Deployment

[Pages:7]Cisco AMP for Endpoints Deployment via MSI DRAFT MAY 12, 2017 NOTE: This is an instructional draft document and is not formally supported by Cisco as a supported process. Since AMP for Endpoints 5.0 it has been possible to repackage the redistributable installer as an MSI which can subsequently be used to deploy AMP for Endpoints via Microsoft Group Policy (GPO), SCCM, and other tools. This document outlines the steps used by some of Cisco's technical teams for repackaging an AMP for Endpoints redistributable EXE as an MSI deployment package. MSI Conversion Process: Step 1 - Download the "MakeMSI" Application: Step 2 - Install MakeMSI on a Windows PC and reboot it.

Step 3 - The AMP for Endpoints Policy should be configured so "Start Client User Interface" is OFF. Otherwise AMP executes on the endpoint with iptray.exe running as SYSTEM and will not be able to be stopped.

Step 4 - Turn off the Client User Interface: 1. Login to the AMP for Endpoints console at 2. Navigate to Management ? Policies

3. Edit the Windows Policy tied to the Group for which you wish to deploy the MSI Connector.

4. Within Policy under the General tab, select Client User Interface, deselect Start Client User Interface, and click Update Policy.

Step 4 - Download the AMP for Endpoints Connector for the chosen Group. 1. AMP for Endpoints Console > Management > Download Connector, select the correct Group > Download.

2. Save the executable to your system. Create a new folder on your PC and give it a name (ex. AMP_Setup)

Step 5 ? Conversion Preparation 1. Download the three files below and copy them to the folder you just created:

NOTE: The URLs below are case sensitive

NOTE: FireAMPSetup.MM file supports command line switches which you may modify e.g., EXE=[INSTALLDIR]FireAMPSetup.exe Args=/S /skipruntime 1 /desktopicon 0 /startmenu 0

2. Copy the AMP executable downloaded previously into the same folder. 3. Rename the executable to FireAMPSetup.exe

Step 6 - Right-click on the FireAMPSetup.MM file and select Build MSI - Production. The MakeMSI application will then begin compiling your MSI installer file.

Once the MakeMSI compiler process is complete, press any key to continue and the MakeMSI command prompt will close. Step 7 - Within the FireAMPSetup folder there is now a folder named out.

Navigate to out > FileAMPSetup.mm > MSI. The FireAMPSetup.msi file located in this directory can be deployed to the desired endpoints.

GPO Deployment Example Copy FireAMPSetup.msi to the UNC share from which you do software distribution. Within Microsoft Group Policy Management, create a new policy (e.g., FireAMP_Deployment)

Go to Computer Configuration ? Policies ? Software Settings ? Software Installation, add FireAMPSetup.msi, assign the policy, and test.

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download

To fulfill the demand for quickly locating and searching documents.

It is intelligent file search solution for home and business.

Literature Lottery

Related download
Related searches

©2024 5y1.org, Inc. All rights reserved.