Enterprise Recon 2.1

AIX Agent

This section covers the following topics:

Install the Node Agent

  1. Log into the ER2 Web Console.
  2. Go to Settings > Agents > Node Agent Downloads.
  3. On the Node Agent Downloads page, click on the Filename for your Platform.
  4. (Optional) Verify the checksum of the downloaded Node Agent package file.

In the terminal:

  1. If there is a previous version of the Node Agent installed, remove it first:

    rpm -e er2

  2. Install the Node Agent:

    # Where './er2-2.0.xx-aix61-power.rpm' is the full path of the installation package # Syntax: rpm -i <path_to_package.rpm> rpm -i ./er2-2.0.xx-aix61-power.rpm

Verify Checksum for Node Agent Package File

Requires: OpenSSL package.

You can determine the integrity of the downloaded Node Agent package file by verifying the checksum before installing the Node Agent.

  1. Download the Node Agent package file.
  2. Run the commands in a terminal to generate the hash value for the Node Agent package file.
    • MD5 hash (128-bit)

      # Syntax: openssl md5 <path to Node Agent package file> openssl md5 ./er2-2.0.xx-aix61-power.rpm
      Example MD5 hash: f65a2cd26570ddb7efb6a2a4318388ac

    • SHA1 hash (160-bit)

      # Syntax: openssl sha1 <path to Node Agent package file> openssl sha1 ./er2-2.0.xx-aix61-power.rpm
      Example SHA1 hash: 33bcd6678580ae38a03183e94b4038e72b8f18f4

    • SHA256 hash (256-bit)

      # Syntax: openssl sha256 <path to Node Agent package file> openssl sha256 ./er2-2.0.xx-aix61-power.rpm
      Example SHA256 hash: 1ee094a222f7d9bae9015ab2c4ea37df71000556b3acd2632ee27013844c49da

  3. In the ER2 Web Console, go to the Settings > Agents > Node Agent Downloads page. The Hash column lists the expected hash values for each Node Agent package file.
  4. Compare the generated hash values from Step 2 with the expected hash values listed in the Web Console; both hash values should be equal.

Configure the Node Agent

After you have installed the Node Agent, configure the Node Agent to:

  1. Point to the Master Server.
  2. (Optional) Use the Master Public Key (see Server Information) when connecting to the Master Server.
  3. (Optional) Specify Target initial group.
  4. Test the connection settings.

To configure the Node Agent, choose either mode:

  • Interactive Mode
  • Manual Mode

For the changes to take effect, you must Restart the Node Agent.

Interactive Mode

Running this command helps you to quickly configure the Node Agent:

/opt/er2/sbin/er2-config -interactive

The interactive mode asks you for the following information to help you configure the Node Agent.

Interactive Mode Command Prompts Description
Master server host name or IP Address [10.1.100.0] Specify a Master Server’s host name or IP address.
(Optional) Master server public key Enter the Master Public Key. See Install Node Agents.
(Optional) Target initial group Specify Target initial group.
Test connection settings (Y/N) Test the Node Agent’s connection settings to the Master Server, enter Y.

For the changes to take effect, you must Restart the Node Agent.

Manual Mode

To configure the Node Agent without interactive mode, run:

## Required for connecting to the Master Server # -i <hostname|ip_address>: Master Server IP address or host name. ## Optional parameters # -t: Tests if the Node Agent can connect to the given host name or IP address. # -k <master_public_key>: Sets the Master Public Key. # -g <target_group>: Sets the default Target Group for scan locations added for this Agent.
/opt/er2/sbin/er2-config -i <hostname|ip_address> [-t] [-k <master_public_key>] [-g <target_group>]

For the changes to take effect, you must Restart the Node Agent.

Install RPM in Custom Location

To install the Node Agent RPM package in a custom location:

  1. Download the Node Agent from the Master Server. The Master Server must be version 2.0.29 and above.
  2. Install the package in a custom location.

    # Syntax: rpm --prefix=<custom_location> -ivh <node_agent_rpm_package> # Install the Node Agent package into the custom location at '/custompath/er2'.
    rpm --prefix=/custompath/er2 -ivh ./er2-2.0.xx-aix61-power.rpm

  3. Configure the package:

    # Configure the Node Agent package. # Run 'er2-config' binary from the custom install location, i.e. '<custom_location>/sbin/er2-config' # Specify the location of the configuration file. The location of the configuration file is '<custom_location>/lib/agent.cfg'
    /custompath/er2/sbin/er2-config -c /custompath/er2/lib/agent.cfg -interactive

  4. Restart the Node Agent.

Restart the Node Agent

For your configuration settings to take effect, you must restart the Node Agent.

For Node Agent packages installed in the default location:

## Run either of these options # Option 1 /etc/rc.d/init.d/er2-agent restart
# Option 2 /etc/rc.d/init.d/er2-agent -stop # stops the agent /etc/rc.d/init.d/er2-agent -start # starts the agent

For Node Agent packages installed in a custom location:

# Syntax: <custom_location>/init/er2-agent -<start|stop> # Where '/custompath/er2' is the custom installation location for the Node Agent package.
/custompath/er2/init/er2-agent stop # stops the agent /custompath/er2/init/er2-agent start # starts the agent

Uninstall the Node Agent

To uninstall the Node Agent, run:

rpm -e er2

Upgrade the Node Agent

See Agent Upgrade for more information.