Installing a Symantec Endpoint Protection Security Virtual Appliance

Article:HOWTO81083  |  Created: 2012-10-24  |  Updated: 2013-10-07  |  Article URL http://www.symantec.com/docs/HOWTO81083
Article Type
How To


Subject


Installing a Symantec Endpoint Protection Security Virtual Appliance

After you have met the prerequisites, you can install the Security Virtual Appliance. You use the Security Virtual Appliance installation tool from the command line. You must install a Security Virtual Appliance on each ESXi host if you want the GVMs on the host to use vShield-enabled Shared Insight Cache.

To install or uninstall the Security Virtual Appliance, the vCenter Administrator account that you use must have permissions in the following privilege categories:

  • Datastore (All privileges)

  • Network (All privileges)

  • vApp (All privileges)

  • Virtual Machine (All privileges)

  • Global > Cancel Task

Note:

As part of the installation process, the Security Virtual Appliance and its associated ESXi host registers with vShield Manager. For this reason, you should not use vMotion with the Security Virtual Appliance. A best practice is to use the sva_install.jar utility to uninstall and reinstall the Security Virtual Appliance.

See VMware software requirements to install a Symantec Security Virtual Appliance.

Note:

The Java Runtime Environment 7 or later is required to run the Security Virtual Appliance installation tool.

To install a Security Virtual Appliance

  1. On the Tools product disc, locate the Virtualization\SecurityVirtualAppliance folder.

  2. Copy the entire contents of the SecurityVirtualAppliance folder to a local directory.

    For convenience, you may want to copy the files to the same location as the sylink.xml file that you exported from the Symantec Endpoint Protection Manager.

  3. Configure the SVA_InstallSettings.xml file.

    The default name of the communications file that you exported from Symantec Endpoint Protection Manager is group name_sylink.xml. Be sure to change the <sylink_xml> pathname in the SVA_InstallSettings.xml file to match your exported file name.

    See Configuring the Symantec Endpoint Protection Security Virtual Appliance installation settings file.

  4. Take a snapshot of the vShield Manager. During installation, the Security Virtual Appliance registers with the vShield Manager. A snapshot ensures that you can revert to the previous state, in case any Security Virtual Appliance installation issues occur.

  5. At the command line, type the following command:

    java -jar Symantec_SVA_Install.jar -s pathname/SVA_InstallSettings.xml

    By default, if there is more than one datastore available the installation prompts you to select one. If there is more than one network, the installation prompts you to select one.

Errors and other installation output are written to the SVA_Install.log file. This log file is created in the same directory where you executed the installation command.

Note:

In a few instances, the write to that directory may fail. In these cases, the file is written to the /temp directory and is named SVA_Installxxx.log, where the system replaces xxx with a random number.

You can perform the following actions to recover from an incomplete Security Virtual Appliance installation or an aborted Security Virtual Appliance installation.

To recover from an incomplete installation or an aborted installation

  1. Check to see if the Security Virtual Appliance is listed under the ESXi host.

  2. If it is listed, turn off the Security Virtual Appliance and delete it from the disk.

  3. Revert the vShield Manager to the snapshot that you took before you tried to install the Security Virtual Appliance.

  4. Reinstall the Security Virtual Appliance.

Once you have installed a Security Virtual Appliance, you can log in with the admin account.


Legacy ID



v66237445_v81626096


Article URL http://www.symantec.com/docs/HOWTO81083


Terms of use for this information are found in Legal Notices