You want to protect a RHEL 6.9 (kernel 2.6.32-696.*el6.x86_64) system with a Data Center Security agent, which is not listed as supported in the documents that came with the 6.7 MP1 build 1060, and the agent is not installing.
The RHEL 6.9 kernel was certified after the maintenance pack was released.
To install RHEL 6.9 kernel on Data Center Security 6.7 MP1, or use a newer version of the agent.
1. Copy the Data Center Security 6.7 MP1 (126.96.36.1990) RHEL 6 64-bit binary (agent64-linux-rhel6.bin) to RHEL 6.9 computer. 2. Launch the agent installer and accept the license agreement. 3. Installer displays the following warning message:
Checking Driver support for your Linux Kernel... Error: kernel version 2.6.32-696.el6.x86_64 is not supported
WARNING: No drivers were found to match the version of your kernel 2.6.32-696.el6.x86_64 The RT-FIM and prevention features have been disabled during installation. Press ENTER to continue.
4. Press Enter and continue with the installation. 5. Configure the installation parameters like Management Server IP, certificate path, agent name, and other installation settings. 6. Verify that the IPS and RT-FIM drivers are not loaded. 7. Verify that SISIPS, SISIDS, and SISIPSUtil services are running. 8. Execute the following commands to load the IPS and RT-FIM drivers:
Output: testing module for kernel 2.6.32-642.el6 SISIPS linux version code: 132640 SISIPS driver version: 188.8.131.527 (af114) SISIPS agent version: 184.108.40.2060 Linux SISIPS test load successful test probe with sisips version 2.6.32-642.el6 successful Enabling IPS feature for sisips module
Command: /etc/init.d/sisids.init test
Output: testing module for kernel 2.6.32-642.el6 SISFIM: version 220.127.116.110 SISFIM: test load successful test probe with sisfim version 2.6.32-642.el6 successful Enabling RT-FIM feature for sisfim module
9. Execute the below commands to add RHEL 6.9 kernel support for Data Center Security: Server Advanced agent. /etc/init.d/sisips.init add /etc/init.d/sisids.init add
10. Reboot the agent and verify that IPS and RT-FIM drivers are loaded. # lsmod | grep sis
11. Also verify that SISIPS, SISIDS and SISIPSUtil services are running.
Subscribing will provide email updates when this Article is updated. Login is required.