Cynet 360 EPS Manual Installation Guide, Windows, Linux, Mac

Here are some notes to consider when installing Cynet: 

1. To Access your Install Agent files, please review your email for the dedicated webpage that contains your install file links. If you do not have this or can not find it, please connect with help@chatfortress.com and our team will provide you with the correct URL. 

2. Our managed clients are provided with access to the install agents to complete the install. There is no cynet portal access. To complete the install, you need to email help@chatfortress.com with the following information: 
Device Name: 
ScanGroup [howtogroup/classify/clientname/location]:
Number of Devices Installed:
Alert Email:
After Hours Alert Email: 
After Hours Cell: 
Business Hours Phone for Alerts: 
3. Once you have successfully installed Cynet on your device, please email us the info below so we can confirm the new install is active. This applies to every new install/uninstall.
Device ID:
OS: Windows, Mac or Linux
Type: Work or BYOD
ScanGroup [howtogroup/classify/clientname/location]:

Firewall Settings: 

FIREWALL REQUIREMENTS
The following networking requirements are necessary for Cynet 360 network communication:
Source Destination Protocol  Port(s)
Cynet Server Windows Endpoints TCP 445
Windows Endpoints Cynet Server TCP 443
Cynet Server Linux/MAC Endpoints TCP 22
Management Endpoints*  Cynet Server TCP 8443
Cynet Server^ Cynet Cloud TCP 443
* TCP Port 8443 is used for the web management interface. During Cynet 360’s installation, this port is opened on the Windows firewall however any third-party host firewalls will need this port opened.
^ TCP port 443 is used for the HTTPS TLS encrypted connection from the Cynet 360 server to api.t-shield.com (54.217.206.23) the Cynet virtual private cloud (VPC) for security threat intelligence.

ANTIVIRUS REQUIREMENTS

● For all endpoint exclude CynetEPS.exe and CynetMS.exe from antivirus engine
● On the Cynet server exclude Cynet360\EPS, Cynet360\DB and Cynet360\Analysis folder from antivirus scanning.


Cynet 360 Windows Agent Installation


The Cynet 360 Light Agent for Windows is packaged in the installer file “CynetMSI.msi”, Contained inside the Zip file this MSI file contains all the relevant connection information to connect to the relevant Cynet server in Cynet SAAS environment.

The agent can be installed using the GUI by double clicking the MSI file or using the Command prompt.

When manually installing the light agent using the command prompt ensure it is being executed in an Administrator command prompt window or with Administrator privileges. The MSI requires elevated privileges to create a service on the host, to ensure the Cynet EPS will remain persistent on the host.

If you would like to manually install the agent with additional parameters, you can do it by specifying the arguments as part of the MSI installation process.

A typical command line installation will look like this:
msixexec /I CyentMSI.msi IP=”<Server IP>” PORT=”443” -msi /quiet

The <Server IP> parameter should reflect your Cynet server’s IP address. By default, Cynet servers will accept incoming scan data on TCP port 443, unless configured otherwise on the server.

To validate the Cynet agent is running on a Windows endpoint, open the Task Manager and look for Cynet process. The excepted result will include two processes running in memory.

CynetEPS.exe - Cynet Main process
CynetMS.exe - Cynet memory scanner

TASK MANAGER FOR A WINDOWS 7 HOST

TASK MANAGER FOR A WINDOWS 10 HOST

NOTE: Installing the Cynet MSI Package creates the CynetLauncher service. This service runs once at system boot and then stops. When it runs, it launches the CynetEPS process and then stops the service. It does not need to be running for the agent to be working properly.

To uninstall the Cynet light agent from  Windows host, the following command can be used to remove all components. This command should be run in an Administrator command prompt or with Administrator privileges to successfully remove all components.

msiexec /x CynetMSI.msi /qn

Alternatively, the Cynet agent can be uninstalled from the Windows Control Panel. Navigate to the Programs and Features. Select the CynetEPS program and click Uninstall.


NOTE: With the release of version 3.8.3, Cynet support uninstall password protection. Once configured Cynet will prompt the user for a password before completing the uninstallation process.

Cynet 360 Linux Agent Installation

Before performing the Linux agent installation process, the Agent argument file needs to be created with the correct arguments and saved into the /tmp folder. The file can be created manually using a text editor software or utilizing the echo command as shown in the example below.

echo -e "<Server_IP> -port <Server_Port> -lightagent -tknv 1 -tkn <token> -msi” /tmp/CynetEPSArguments.txt
NOTE: Please note the Argument file name is case sensitive and should be named EXACTLY – CynetEPSArguments.txt and placed in the /tmp directory.

Once the file is created place the Argument file in the same folder as the installation package and run the desired action based on the table below:

Process Ubuntu/Debian CentOS/Redhat
Installation Sudo dpkg -I cyneteps.deb rpm -ivh cyneteps.rpm
Uninstall Sudo dpkg –purge cyneteps rpm -e cyneteps
Validate Installation Sudo dpkg -l cyneteps rpm -qa |grep cynet
Verify Cynet Service Sudo systemctl status cyservice or sudo service cyservice status systemctl status cyservice or service cyservice status

Cynet 360 MAC Agent Installation


Before performing the MAC agent installation process, the Agent argument file needs to be created with the correct arguments. The file can be created manually using a text editor software or utilizing the echo command as shown in the example below.
echo -e "<Server_IP> -port <Server_Port> -lightagent -tknv 1 -tkn <token> -msi” CynetEPSArguments.txt
NOTE: Please note the Argument file name is case sensitive and should be named EXACTLY – CynetEPSArguments.txt.

Once the file is created place the Argument file in the same folder as the installation package and run the desired action based on the table below double click pkg file and following the installation instructions displayed by installation wizard.
Process Command Expected result
Verify Package Installation pkgutil –pkgs |grep cynet package id: cynet.com.cyneteps_service version: 3.8.999.65535 volume: / etc ...
Verify Service is Running sudo launchctl list |grep cynet 20495 0 com.cynet.cyenteps_service
Uninstall

sudo chmod +x cy_unistall.sh sudo ./cy_unistall.sh



 



Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us