Deploying EDR Agent using Group Policy in Windows Server 2012 r2

Deploying EDR Agent using Group Policy in Windows Server 2012 r2

Windows Server 2012 R2 includes a feature called Software Installation and Maintenance that AD DS, Group Policy, and the Windows Installer service use to install, maintain, and remove the software from your organization’s computers.

Setting up a share:

The first step to distributing any software across a network is to provide a shared location from which clients can access the software setup files. If there is not already a shared folder set up for this purpose then one can be created in the following manner:

      1. Create a folder in a suitable location with a suitable name ‘Shared folder’
      

      2. Right-click on the new folder and select Properties
      3. In the properties dialog select the ‘Sharing’ tab and then click on ‘Advanced Sharing…
      

      4. Tick ‘Share this folder’ and then click on the ‘Permissions’ button
      

      5. Add the ‘Read’ permission to users or groups that should be able to install the software.
      

      6. ‘OK’ all of the dialogs and open the new folder in Windows Explorer.
      7. Create any further folders desired to make it easier to manage the file system.
      8. Now you copy the desired window installer in this folder and use this folder path in GPO while distributing the software through Group Policies.

Setting up a GPO:

Let's go through the step on how we can deploy EDR agents to our infrastructure using GPO.

      1. In your Domain Server, open Server Manager, click Tools and open Group Policy Management.
      

      2. In the Group Policy Management console, right-click the domain name (which is, in this case, osi.com.my), and click Create a GPO in this domain, and link it here.
      3. In the New GPO box, in the Name box, type Deploy EDR Agent, and then click OK.
      

      4. Next, on the Group Policy Management console, right-click Deploy EDR GPO and click Edit.
      5. In the Group Policy Management Editor, under Computer Configuration, expand Policies, and then expand Software Settings.
      6. Right-click Software installation. From the context menu, click New, and then click Package.
      

      7. In Open dialog box, browse to the shared folder and click on Setup.MBEndpointAgent.msi, and then click Open.
      

      8. In the Deploy Software window, ensure that the Assigned option is selected, and then click OK.
      

      9. Wait for a few seconds and verify that the Malwarebytes Agent is listed in the Group Policy Management Editor.
      

      10. Now let's switch to our Windows client PC, we do recommend that you run gpupdate /boot /force in the client PC and then restart the client PC.
      11. After restarting your client PC and logging in as a domain user, you can verify that Malwarebytes Agent is installed.

    • Related Articles

    • AlienVault Agent Installation on Windows Hosts

      To install the AlienVault Agent on Microsoft Windows, you must run a script that you access from your USM Anywhere environment. When you run the installation script on the Windows host system, the script downloads an .msi file directly from USM ...
    • Acronis cyber protect Agent - Window Agent

      OS requirements Windows XP Professional SP1 (x64), SP2 (x64), SP3 (x86) Windows XP Professional SP2 (x86) – supported with a special version of Agent for Windows. For details and limitations of this support, refer to "Agent for Windows XP SP2". ...
    • Install Elastic Agent in Windows Server

      Step 1: login to the ELK Dashboard Step 2: Go to the Fleet Option which is under Management option Step 3: After that click to Add Agent Steps 4: Select Type of Host in Example : "Windows Server" Step 5: Enroll in Fleet?(Leave as it is ) Step 6: ...
    • Acronis ADLP - Dataflow Policy

      Creating the data flow policy and policy rules The key principle of data loss prevention demands that users of a corporate IT system should be allowed to handle sensitive data only to the extent necessary to perform their job duties. Any other ...
    • Acronis SQl agent- Installation windows

      REQUIREMENTS: Supported operating systems: Windows XP Professional SP1 (x64), SP2 (x64), SP3 (x86) Windows Server 2003 SP1/2003 R2 and later – Standard and Enterprise editions (x86, x64) Windows Small Business Server 2003/2003 R2 Windows Server 2008, ...