When using Symantec Critical System Protection (CSP) with VMware vSphere ESXi you are required to use a collector to interact with vSphere ESXi. That collector can be of RHEL or SLES types of Linux. In my case I use RHEL 6, so need a collector that has on it at least two things: vSphere vCLI and the CSP Linux agent. RHEL 6 exists as a template within my environment so cloning it is not a major issue but after you clone there are a few things that have to happen to install vCLI and the other components.
First you may ask why we cannot use the vSphere vMA appliance as the collector? The answer is that it is not supported by Symantec CSP and it is always best to have a dedicated system for security work over one normally accessed by administrators, granted vMA should be protected by CSP.
The installation steps follow:
- Clone a RHEL6 template
- Fix the Network
- Modify /etc/udev/rules.d/70-persistent-net.rules – This has to happen as the cloned network adapter appears as eth1 not eth0, which implies you may not have a network connection.
- Modify /etc/sysconfig/network-scripts/ifcfg-eth0 – You need to modify either by commenting out or changing the HWADDR line to be the proper MAC for the new version of eth0.
- Register your machine with rhn_register
- Enable the RHEL Server Optional subscription on your registered system
- Install the EPEL release for your version of RHEL6
- Install the necessary RPMs using “yum -y install” RPM, where RPM is one of the following, note the -y is important,
- openssh-clients
- openssl-devel
- perl
- perl-CPAN
- perl-Class-MethodMaker
- perl-Compress-Raw-Zlib
- perl-Crypt-SSLeay
- perl-Data-Dump
- perl-Data-Dumper
- perl-HTML-Parser
- perl-IO-Compress-Zlib
- libwww-perl
- perl-URI
- uuid
- libuuid
- libuuid-devel
- perl-XML-LibXML
- perl-XML-NamespaceSupport
- perl-XML-SAX
- perl-XML-LibXML-Common
- wsmancli
- perl-SOAP-Lite
- perl-YAML
- perl-Archive-Zip
- perl-Compress-Zlib
- lwp
- gcc (which you can remove after install is complete)
- make (which you can remove after install is complete)
- Install perl-UUID
- perl -MCPAN -e ‘install UUID’
- Download the appropriate VMware-vSphere-CLI bundle, I happen so use VMware-vSphere-CLI-5.1.0-780721.x86_64.tar.gz
- Run the VMware vCLI installer
- set the http_proxy and ftp_proxy environment variables
- export ftp_proxy=
- export http_proxy=
- unpack and run the vmware_install.pl program
- set the http_proxy and ftp_proxy environment variables
Now that the VMware vSphere CLI is installed we can then install the Symantec CSP agent for RHEL. The hard part was installing the vCLI not the agent and now I can use the newly installed vCLI within Linux as the Symantec CSP collector for my vSphere ESXi hosts.