Installing the Agent on a Linux Server

Prerequisites

• The ECS is in the Running state and can access the Internet.
• Ensure the outbound rule of your security group allows access to the port 10180 on the 100.125.0.0/16 network segment. (This is the default setting.)
• The DNS server address of the cloud server has been set to the private DNS server address. For details, see Changing the DNS Server Address of an ECS and Private DNS Server Addresses.
• The available capacity of the disk where the agent is installed must be greater than 300 MB. Otherwise, the agent installation may fail.
• The Security-Enhanced Linux (SELinux) firewall has been disabled. The firewall affects agent installation and should remain disabled until the agent is installed.
• If any third-party security software has been installed on your server, the HSS agent may fail to be installed. In this case, disable or uninstall the software before installing the agent.

Constraints

• Only 64-bit server protection is supported.
• Mainstream OSs are supported. For details, see Supported OSs.
• The HSS agent will be automatically installed on Workspace 23.6.0 or later. If your Workspace version is earlier than 23.6.0, you can manually install the agent by referring to this section.

Installation Path

The agent installation path on servers running on Linux cannot be customized. The default path is: /usr/local/hostguard/.

Installation Operations

1. Log in to the management console.
2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
3. In the navigation pane, choose Installation & Configuration.
   

   If your servers are managed by enterprise projects, you can select the target enterprise project to view or operate the asset and detection information.

4. Click the Agent Management tab.
5. Copy the command for installing the agent.
   • Huawei Cloud server
     1. Click the value in the Servers Without Agents area to filter the servers where the agent is not installed.
     2. In the Operation column of a server, click Install Agent.
        Figure 1 Installing an agent
        
     3. In the displayed dialog box, click Copy.
   • Non-Huawei Cloud server
     
     1. Click Add Asset from Other Cloud.
        Figure 2 Adding asset from other cloud
        
     2. In the displayed slide-out panel, copy the agent installation link suitable for your system OS.

6. Remotely log in to the server where the agent is to be installed.
7. Paste the copied installation command and run it as user root to install the agent on the servers.

   If the command output shown in Installation completed is displayed, the agent is successfully installed.

   Figure 3 Installation completed
   

8. Run the following command to check the runtime status of agent:

   service hostguard status

   If the command output shown in Agent running properly is displayed, the agent is running properly.

   Figure 4 Agent running properly
   

   After the installation, it takes 5 to 10 minutes to update the agent status. You can check it on the Servers tab of the Asset Management > Servers & Quota page.

Follow-up Procedure

After the agent is installed, enable security protection for your server. For details, see Enabling Protection.

FAQs

• For details about the agent status and troubleshooting, see How Do I Fix an Abnormal Agent?
• For details about handling agent installation failures, see What Should I Do If Agent Installation Failed?
• For details about agent uninstallation, see How Do I Uninstall the Agent?