Automating AppDefense Guest module on Linux systems

June 11, 2019

You can install AppDefense Guest Module on the supported Linux system. The installation of AppDefense Guest Module installs the AppDefense package, Guest Introspection package, and the netfilter dependencies.

Guest Introspection is a service that is deployed to offload security functions to a dedicated security appliance on each host. As a result, Guest Introspection removes the need for an antivirus agent within the guest operating system.

 

Recently I was tasked to install AppDefense guest module on handful number of Linux servers. There are numerous ways to automate the installation of AppDefense guest module package depending upon the tools you have. I wrote below PowerShell script to automate the package installation on each AppDefense supported Linux systems.

 

This script requires VMware Tools or open-vm-tools to be installed & running inside guest OS. Also an input file with the list of VMs on which package has to be installed.

Write-Host "Enter the vCenter you wish to connect to:" -ForegroundColor Yellow
$vcenter = Read-Host
$vc_creds = Get-Credential -Message "Please enter the vCenter Admin Credentials"
Try{
    Connect-VIServer $vcenter -Credential $vc_creds -ErrorAction Stop | Out-Null
}
catch{

    Write-Host $Error[0] -ForegroundColor Red
    break
}
        $file = Read-Host "Enter text File complete Path"
        $list = Get-Content $file
        $vms = Get-VM $list
Write-Host "Starting AppDefense Installation. Please enter the Linux VM root Credentials" -ForegroundColor Yellow
        Start-Sleep -Seconds 2
        $os_creds = Get-Credential -Message "Enter the Linux VM Guest OS root Credentials"
        $installed = @()
        $poweredoff = @()
        $failedvm = @()
        $i = 0
        $InstallScript = 'curl -s https://appd-dl.vmware.com/repository/linux-guest-install.sh | sudo bash'
        $QueryScript = '/etc/init.d/vmw_glxd status'
        foreach($vm in $vms){
        $i++
        Write-Progress -activity "Configuring AppDefense. This will take some time. . ." -status "Configuring: $i of $($vms.Count)" -percentComplete (($i / $vms.Count)  * 100)
            if($vm.PowerState -eq "PoweredOn"){
                $QueryResult = Invoke-VMScript -VM $vm -ScriptText $QueryScript -ScriptType bash -GuestCredential $os_creds -ErrorAction Continue
                if($QueryResult.Contains("AppDefense is running")){
                }

                else{
                    $InstallResult = Invoke-VMScript -VM $vm -ScriptText $InstallScript -ScriptType bash -GuestCredential $os_creds -ErrorAction Continue
                    $installedvm = @{Name=$vm}
                    $installedObj = New-Object PSObject -Property $installedvm
                    $installed += $installedObj                   
                    $ExitCode = $InstallResult.ExitCode
                    }
            }
        }
        Write-Progress -Activity "Configuring AppDefense. This will take some time. . ." -Status "Ready" -Completed        

 

Tags:

Share on Facebook
Share on Twitter
Please reload

Featured Posts

I'm busy working on my blog posts. Watch this space!

Please reload

Recent Posts
Please reload

Archive
Please reload

Search By Tags
Please reload

Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square

© 2019 VM-Xpress