Installing Powertech Antivirus

Use the following instructions to install Powertech Antivirus.

NOTE: If you intend to install Powertech Antivirus to an air-gapped system, see Air-Gapped Installation of Insite and Powertech Antivirus.

Before You Begin

Read this section before you install Powertech Antivirus.

System Requirements

The following are general system requirements and may vary depending on the nature of your environment.

Linux

  • Supported Linux OS Versions:
    • Amazon 2
    • IBM LinuxONE and Linux on IBM Z for supported SLES, RHEL, and Ubuntu operating systems
    • IBM Linux on Power Big Endian for RHEL 7
    • IBM Linux on Power Little Endian for supported RHEL and SUSE operating systems
    • MINT 18
    • Red Hat Enterprise Linux 6, 7, and 8
    • CentOS 7
    • Debian 8
    • Oracle 7
    • SUSE Enterprise Linux 12 and 15
    • Ubuntu 16.04, 18.04, and 20.04
  • Approximately 1.2 GB disk space in /opt; 1.5 GB is recommended

AIX

  • IBM AIX 7.1 TL4+
  • IBM AIX 7.2
  • Approximately 1.5 GB disk space in /opt; 2 GB is recommended
  • IBM AIX 7.1 TL4+ or later is required for On-Access Scanning

Solaris

  • Approximately 1.5 GB disk space in /opt; 2 GB is recommended
  • Oracle Solaris 10 and 11, Intel and SPARC
  • Solaris 11.4 or later is required for On-Access Scanning
  • Solaris 11.4 is required for HelpSystems Insite integration.

Compatibility with Insite

To use Insite to access your products through a web browser, you must meet the following browser and/or operating system requirements.

Hardware Type: Minimum Browser and/or OS Requirements

  • Desktop/Laptop:
    • Firefox 11 or higher
    • Chrome 21 or higher
    • Internet Explorer 11
    • Safari 6.1 or higher
    • Microsoft Edge
  • Mobile Device:
    • iOS: Browsers on iOS 8 or higher
    • Android: OS 4.4 or higher using Chrome
    • Windows: OS 10 using Edge
  • IBM i: V7R1 or higher operating system

For more details, see Insite System Requirements.

Installing Powertech Antivirus with Insite

NOTE: If you are installing on an RHEL system configured to use FIPS mode, skip to Installing or Updating Powertech Antivirus Manually below.

Insite allows you to easily install Powertech Antivirus on one or more endpoints with little manual configuration required. To do so:

  1. Install Insite, including the Powertech Antivirus module (an option within the Insite installation wizard). The Insite download is available at the HelpSystems Community Portal. You can reference instructions for installing, licensing, and configuring Insite on the Insite download page.
  2. Open Insite. In the Deployment Manager, choose *NIX Servers.
    • If you are adding a single server, click Add. Enter the required server information in the New *NIX Server pane and click Save.
    • To import multiple endpoints, create a CSV import file with the required server information. The import file should have 2 or 4 columns in the format hostname, alias, user, password (the fully qualified hostname and the alias are required). After you have created the import file:
      1. Choose Import > Upload *NIX Servers.
      2. Select Choose File to select the .csv file with the server information.
      3. Configure authentication details and click OK. See Upload *NIX Servers pane for more information.
  3. In the Navigation Pane, choose Products.
  4. In the Powertech Antivirus for AIX / Linux box, click (Show Actions) and select Install.
  5. Select the servers and click Add. The servers begin receiving the endpoint install file. When that task completes, the endpoint is registered and then allowed with Powertech Antivirus.
  6. In the Navigation Pane, go to Powertech Antivirus and select Endpoints. Check servers in the list to enable the available actions, which appear at the top of the screen. To set a selection of checked endpoints to automatically restart Powertech Antivirus after a reboot, choose Enable Autostart.

After you have installed, see Updating Virus Definitions to configure Powertech Antivirus to scan using the latest virus definition DAT files from McAfee.

Installing or Updating Powertech Antivirus Manually

Follow these instructions to install Powertech Antivirus on individual endpoints.

  1. Download the Powertech Antivirus install file for your operating system from the HelpSystems Community Portal. If you're a new user, you should have received an email message containing the download link. If you don't have it, contact your Regional Manager.
    NOTE: AIX users: Powertech Antivirus can be installed using the rpm command or using SMIT (System Management Interface Tool). With either method, first change to the directory where the file is located (for example, cd /home).
  2. Unzip the download file, then place the rpm file, or deb file for Ubuntu, on the host machine.

    If you are updating Powertech Antivirus, you will run the product installer over the existing installation. By default, the update folder is the same as the one used for your original Powertech Antivirus installation. (If your current installation uses a different install path, that path can be provided with the --prefix option.) Before updating, back up any user data.

    Once the update is complete, a new license file will need to be placed in the installation folder. Make sure to keep a copy of license.xml if a rollback to the previous version is needed.

    NOTE: If you are updating and need to identify the version that is currently installed, run the following command: /opt/sgav/avsvcinfo

Installing or Updating with RPM

Follow these instructions to install or update Powertech Antivirus with RPM.

To install or update on Red Hat (non-FIPS mode), SLES, or AIX with RPM

Run the following command to install:

rpm --install <rpm-file-name>

where <rpm-file-name> is the name of the .rpm installation file.

NOTE:
If your RHEL system is configured to use FIPS mode, run the following command to install:
rpm --install --nodigest --nofiledigest <rpm-file-name>

where <rpm-file-name> is the name of the .rpm installation file.
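
The --nodigest and --nofiledigest options tell rpm to skip its own digest verification, so on a FIPS-mode system the package's integrity is worth checking before rpm runs. The following is an added example, not HelpSystems code: it assumes you have obtained the package's SHA-256 value separately from a trusted source, and the function and script names are illustrative.

```shell
#!/usr/bin/env bash
# Added example: integrity gate for FIPS-mode installs.
# rpm's --nodigest/--nofiledigest skip the package's built-in digest checks,
# so the file is compared against a separately obtained SHA-256 value first.

# Return 0 only if FILE hashes to EXPECTED (hex, case-insensitive).
# Return 1 on mismatch, 2 on bad arguments.
verify_pkg_sha256() {
    local file=$1 expected=$2 actual
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    # Reject anything that is not exactly 64 hex characters.
    case $expected in
        *[!0-9a-fA-F]*|'') echo "expected value is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected value is not 64 hex chars" >&2; return 2; }
    actual=$(sha256sum -- "$file" | awk '{print $1}')
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "SHA-256 mismatch for $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Run rpm only after the digest matches. The rpm flags are the ones given above.
install_fips_rpm() {
    local file=$1 expected=$2
    verify_pkg_sha256 "$file" "$expected" || return 1
    rpm --install --nodigest --nofiledigest "$file"
}

# Usage (hypothetical script name): ./install-fips.sh <rpm-file-name> <expected-sha256>
if [ "$#" -eq 2 ]; then
    install_fips_rpm "$1" "$2"
fi
```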

By default, the product will install to the /opt/sgav directory which will be created if it does not exist. To install to a different directory, use the --prefix option. For example:

rpm --install <rpm-file-name> --prefix /home/sgav 

will install to the /home/sgav directory.

Run the following command to update:

rpm --upgrade <rpm-file-name>

where <rpm-file-name> is the name of the latest version of the .rpm installation file.

If you have installed to an alternate prefix, you must specify the prefix when upgrading if you want the new version installed there as well:

rpm --upgrade <rpm-file-name> --prefix /home/sgav

To install or update on Solaris

Run the following command:

pkgadd -d ./pkg-file-name.pkg HSsgav
EXAMPLE:
pkgadd -d ./sgav-5.4.2-775.sol10.i86pc.pkg HSsgav

Powertech Antivirus installs to the /opt/sgav directory, which is created if it does not exist.

Installation requires that some files are installed setuid-root, and some scripts are executed with super-user permission. Depending on system configuration, you may be prompted to allow this to occur.

To install to a different directory, use a response file that sets BASEDIR to the alternate location. For example, to install to /usr/local/sgav, create a response file 'response.sgav' that contains BASEDIR=/usr/local and use the response file in your installation command.

EXAMPLE:
pkgadd -r ./response.sgav -d ./sgav-5.4.2-775.sol10.i86pc.pkg HSsgav

Solaris PKG Uninstallation

To uninstall the software, run the following command:

pkgrm HSsgav

Uninstallation requires that scripts are allowed to run with super-user permission. Depending on system configuration, you may be prompted to allow this to occur.

Solaris PKG Upgrade

To upgrade the software, uninstall the old version and install the new one.

During uninstallation, configuration files are saved with .pkgsave extensions. During installation, any configuration files in the installation directory with the .pkgsave extension are restored to current and the base versions delivered with the new package are saved with .pkgnew extensions.

To install or update on Ubuntu with DEB

To install on Ubuntu, run the following command:

dpkg -i <file-name>

where <file-name> is the name of the product .deb file.

To uninstall on Red Hat and SLES, run the following command:

rpm -e sgav

To uninstall on Ubuntu, run one of the following commands:

To completely remove Powertech Antivirus:

dpkg -P sgav

To remove Powertech Antivirus, but leave configuration files:

dpkg -r sgav

AIX Only: Installing or Updating using SMIT (System Management Interface Tool)

To install or update using SMIT, run the following command:

smit install_software

Type the directory where the .rpm file is stored in the INPUT device field, and type sgav for SOFTWARE to install as shown below:

NOTE: Users performing an update—If the latest version of Powertech Antivirus is in the same folder as the previous version, use F4 to list the packages that match sgav. Choose sgav-5.0.0.
SOFTWARE to install

Move cursor to desired item and press F7. Use arrow keys to scroll.
    ONE OR MORE items can be selected.
Press Enter AFTER making all selections.

   sgav                                                   ALL

      @@R:sgav-5.0.0-705 5.0.0-705
      @@R:sgav-4.3.0-602 4.3.0-602

Install Software

  1. Type or select values in entry fields.
  2. Press Enter AFTER making all desired changes.
[Entry Fields]
* INPUT device / directory for software               /home
* SOFTWARE to install                                [sgav-5.0.0-705 sgav-5.0.0-705  > +
PREVIEW only? (install operation will NOT occur)    no                     +
COMMIT software updates?                            yes                    +
SAVE replaced files?                                no                     +
AUTOMATICALLY install requisite software?           yes                    +
EXTEND file systems if space needed?                yes                    +
OVERWRITE same or newer versions?                   no                     +
VERIFY install and check file sizes?                no                     +
Include corresponding LANGUAGE filesets?            yes                    +
DETAILED output?                                    no                     +
Process multiple volumes?                           yes                    +
ACCEPT new license agreements?                      no                     +
Preview new LICENSE agreements?                     no                     +
WPAR Management
Perform Operation in Global Environment         yes                    +
Perform Operation on Detached WPARs             no                     +
Detached WPAR Names                        [_all_wpars]            +
Remount Installation Device in WPARs            yes                    +
Alternate WPAR Installation Device             []
F1=Help          F2=Refresh        F3=Cancel        F4=List
F5=Reset         F6=Command        F7=Edit          F8=Image
F9=Shell         F10=Exit          Enter=Do
  1. When the installation is complete, the following screen will appear. Ensure the Command status is OK.
COMMAND STATUS
Command: OK            stdout: yes           stderr: no

Before command completion, additional instructions may appear below.

installp: The specified device /home/root
is not a valid device or file.
geninstall -I "a -cgNQqwX -J"  -Z   -d /home -f File 2>&1

File:
R:sgav-5.0.0-705                  
Validating RPM package selections ...
Please wait...
sgav                        ##################################################

Connecting Powertech Antivirus to Insite

Use the following procedure to connect Powertech Antivirus to Insite after manually installing Powertech Antivirus on an endpoint. In order to use Insite to monitor and manage endpoints, you need to register Powertech Antivirus on the endpoint using the Insite Integration Service.

  1. Install Insite, including the Powertech Antivirus module (an option within the Insite installation wizard). The Insite download is available at the HelpSystems Community Portal. You can reference instructions for installing, licensing, and configuring Insite on the Insite download page.
  2. Open Insite in your web browser.

    NOTE: The Insite Powertech Antivirus Service is allowed automatically.
  3. Copy your Insite Service API Key. To do so:
    1. Go to Settings > Integration Service Admin.
    2. For the key, choose (Show Actions) > Copy.
  4. On the endpoint:
    1. Go to the Integration Service folder using the command cd ptav-home/integration (/opt/sgav/integration by default).
    2. Run the registration command register.sh with the required parameters, pasting the Server Key you have copied for -k.

      Required Parameters:

      -k|--key)       Server Key
      -s|--server)    Fully Qualified Domain Name

      Optional Parameters:

      -p|--port)      Server Port [default=8998]
      -a|--alias)     Alias Name
      -c|--client)    Client IP/DNS Name
      -f|--folder)    Client Install Path

      EXAMPLE: ./register.sh -k ad24embc-517u-43f1-80a8-68446a2f0e8d -s myinsiteserver.mydomain.com

  5. Return to Insite and choose Powertech Antivirus > Connection Settings. The server you have added appears in the list. Its status is New, indicating the endpoint has not been allowed. You must allow an endpoint to indicate that it is permitted to communicate with the Insite server.
  6. To approve the registered endpoint, click (Show Actions) > Allow. Doing this:
    • Allows the Powertech Antivirus Service to connect to Insite's Integration Service.
    • Triggers the Integration Service to start sending health check requests to the endpoint system.
    NOTE: Servers can also be allowed by checking the server and selecting Allowed at the top of the screen.
  7. Insite now lists the endpoint's status as critical, indicating the endpoint is not responding to health checks.

    NOTE: Each endpoint needs to be able to resolve to a domain name.

  8. Run the following command on the endpoint system (in ptav-home/integration) to begin responding to health check requests sent by Insite:

    ./avinsitectl start

    NOTE: The command above starts the service once, but does not "enable" it to run after reboot. To also automatically start after reboot, use the command:

    ./avinsitectl enable

    Insite now lists the endpoint's status as good, indicating it is now responding to health check requests.

  9. Repeat steps 2-7 for additional servers you would like to register and scan. See Using Powertech Antivirus with Insite for more details.

After you have installed, see Updating Virus Definitions to configure Powertech Antivirus to scan using the latest virus definition DAT files from McAfee.

NOTE: See the Insite User Guide for more details on setting up and using Insite.

Licensing

After your purchase, you will receive an email from HelpSystems with your license code attached. You can apply the license directly to the endpoint, or add it using Insite. Using Insite allows you to apply a license to several endpoints simultaneously.

To manually license Powertech Antivirus directly on an endpoint

  1. Rename the file to "license" (no extension).
  2. Save the attached file to the /opt/sgav directory (or wherever the product was installed).

To license Powertech Antivirus endpoints using Insite

NOTE: Licensing with Insite is a feature of Powertech Antivirus 5.4 and later.
  1. Connect Powertech Antivirus to Insite.
  2. In the Navigation Pane, click Licenses. The Licenses screen appears.
  3. Click Add. The Add License dialog box appears.
  4. Click Choose File. Navigate to the license file sent via email from HelpSystems.
  5. Select the license file and click Open. Repeat the previous two steps for additional license files.
  6. Click Add. The license file is added to the license list.
  7. In the Navigation Pane, click Endpoints. The Endpoints screen appears.
  8. Use the check boxes to select the endpoints you would like to license, and click Allocate License. The Allocate License dialog box appears.
  9. Choose the license you would like to allocate from the License drop-down list, and click Allocate.

After You Are Done

Congratulations! Powertech Antivirus is now installed. Read the following for additional information regarding port configuration.

Port/Server Configuration 

This is the mapping of the services Insite and Powertech Antivirus run and the ports used. The ports shown are default ports. If they are already in use during the installation, a different port is used.

The following ports must be open in order for Insite to function:

  • 8998: HTTP port used for product registration (can be selectively enabled in firewall)
  • 3030: Insite web port
  • 9092: Communication port

The following port is used by Insite's Deployment Manager for product updates. It can be blocked when not in use.

  • 22: SSH port

The remaining ports are only used for local communication under a single server Insite installation.

9001 on the Insite Analytics Service is used by:

  • Allowed internal/corporate users
  • Allowed external users
  • The Insite Server

3030 on the Insite Server is used by:

  • Allowed internal/corporate users
  • Allowed external users
  • The Insite Analytics Service

5432 on the Insite Database is used by:

  • The Insite Server
  • The Insite Analytics Service
  • The Powertech Antivirus Service
  • The Insite Integration Service

9092 on the Insite Message Broker is used by:

  • The Insite Server
  • The Insite Analytics Service
  • The Powertech Antivirus Service
  • Powertech Antivirus endpoints
  • The Insite Integration Service

2181 on the Insite Coordinator port is used by:

  • The Insite Message Broker
  • The Insite Integration Service

8023 (HTTP) on the Powertech Antivirus Service is used by the Powertech Antivirus endpoints when updating virus definitions via the DAT File Repository.

8998 on the Insite Integration Service is used by the Powertech Antivirus endpoints (initial registration).

8200 on the Secure Storage port is used by the Insite Integration Service.
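
One way to check a single-server Insite host against the port layout above, as an added example that is not part of the product or its documentation. The LOCAL_ONLY list is an assumption drawn from the statement that the remaining ports carry only local traffic; 8023 is left unclassified because endpoints need it when this host serves DAT files, and the sample input is constructed.

```shell
#!/usr/bin/env bash
# Added example: audit listening sockets on a single-server Insite host.
# Port numbers are the defaults listed on this page; adjust if yours differ.
EXPOSED_OK="3030 8998 9092"      # must be reachable for Insite to function
OPTIONAL="22"                    # Deployment Manager; can be blocked when idle
LOCAL_ONLY="9001 5432 2181 8200" # assumption: local-only on a single server

# Reads `ss -H -ltn` style lines on stdin; prints one finding per known port.
audit_listeners() {
    awk -v ok="$EXPOSED_OK" -v opt="$OPTIONAL" -v loc="$LOCAL_ONLY" '
    BEGIN {
        n = split(ok, a, " ");  for (i = 1; i <= n; i++) cls[a[i]] = "required"
        n = split(opt, a, " "); for (i = 1; i <= n; i++) cls[a[i]] = "optional"
        n = split(loc, a, " "); for (i = 1; i <= n; i++) cls[a[i]] = "local"
    }
    $1 == "LISTEN" {
        port = $4; sub(/^.*:/, "", port)       # text after the last colon
        host = $4; sub(/:[0-9]+$/, "", host)   # text before the port
        if (!(port in cls)) next               # not an Insite port
        loopback = (host ~ /^127\./ || host == "[::1]")
        if (cls[port] == "local" && !loopback)
            print "REVIEW " port " listens on " host " (documented as local-only)"
        else if (cls[port] == "optional" && !loopback)
            print "NOTE " port " reachable on " host " (block when not in use)"
        else if (cls[port] == "required" && loopback)
            print "WARN " port " bound to loopback only (remote clients cannot reach it)"
        else
            print "OK " port " on " host
    }'
}

# Constructed sample of `ss -H -ltn` output (not taken from a real host).
sample_listeners() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 100 *:3030 *:*
LISTEN 0 50 [::]:9092 [::]:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 50 0.0.0.0:2181 0.0.0.0:*
LISTEN 0 128 [::1]:8200 [::]:*
LISTEN 0 100 127.0.0.1:8998 0.0.0.0:*
LISTEN 0 128 0.0.0.0:631 0.0.0.0:*
EOF
}

sample_listeners | audit_listeners
# On a live host: ss -H -ltn | audit_listeners
```

A REVIEW line means the socket accepts connections from other hosts unless a firewall rule blocks it, so confirm that the host firewall restricts that port.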

Single Server Configuration (default)

Single Server Configuration (DAT repository)

Dual Server Configuration

For a dual server installation, the database port (5432 by default) also needs to be open.

Air-Gapped Configuration

See also Updating virus definitions on air-gapped servers.

Contacting Us

For additional resources, or to contact Technical Support, visit the HelpSystems Community Portal at https://community.helpsystems.com.