Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiDLP Agent Deployment Guide

    Home FortiDLP Agent 12.0.0 FortiDLP Agent Deployment Guide
    12.0.0
    12.0.0
    11.5.1
    11.4.6
    11.4.5
    11.4.3
    11.4.2
    11.3.4
    11.3.3
    11.3.2
    11.2.3
    11.2.0
    11.1.2
    11.1.1
    11.0.1
    10.5.1
    10.4.0
    10.3.1

    Installing the FortiDLP Agent on Linux

    Installing the FortiDLP Agent on Linux

    You can install the FortiDLP Agent on Linux devices running Red Hat or CentOS by using the RPM installer, or on Linux devices running Ubuntu by using the DEB installer. These installation packages are available for download from the Next DLP Support Portal or the FortiDLP Console's Agent deployment tab.

    You must install the FortiDLP Agent on each device you want to monitor.

    How to install the FortiDLP Agent on Red Hat
    1. Open a command-line interface with root privileges.
    2. Run the command yum update -y.
      3. Note

      You may need to reboot the device if there is a kernel change.
    3. Install the dependencies:
      1. Run the command dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm.
      2. Run the command yum install "kernel-devel-uname-r == $(uname -r)".
      3. Run the command yum install --enablerepo=epel dkms.
    4. Install the Agent by running the command rpm -Uvh agent-rpm.rpm.

    The installation will complete within 1–10 minutes, depending on the number of active kernel versions on the device. The output displayed during this period will indicate the installation progress.

    When the installation succeeds, proceed to Enrolling the FortiDLP Agent on Linux.

    How to install the FortiDLP Agent on Ubuntu w/Secure Boot disabled
    Note

    These instructions should be followed if Secure Boot is disabled on the device.

    To verify if Secure Boot is disabled, run the command mokutil --sb-state. If it is turned off, SecureBoot disabled will be shown in the message output.
    1. Open a command-line interface with root privileges.
    2. Run the command apt-get update.
    3. Upgrade your system by running the command apt-get upgrade -y.
      4. Note

      You may need to reboot the device if there is a kernel change.
    4. Install the dependencies by running the command apt install ./agent-deb.deb.
    5. Install the Agent by running the command apt-get install -y ./agent-deb.deb.

    The installation will complete within 1–10 minutes, depending on the number of active kernel versions on the device. The output displayed during this period will indicate the installation progress.

    When the installation succeeds, proceed to Enrolling the FortiDLP Agent on Linux.

    How to install the FortiDLP Agent on Ubuntu w/Secure Boot enabled
    Note

    These instructions should be followed if Secure Boot is enabled on the device.

    To verify if Secure Boot is enabled, run the command mokutil --sb-state. If it is turned on, SecureBoot enabled will be shown in the message output.
    1. Open a command-line interface with root privileges.
    2. Verify if DKMS is installed by running the command dkms status.
      • If Command 'dkms' not found is shown in the message output, DKMS is not installed. To install it, run the command apt install dkms.
    3. Verify if the kernel headers are installed:
      1. To view the current kernel version, run the command uname -r.
      2. To check if kernel headers are installed for this current kernel version, run the command
        apt list linux-headers-$(uname -r).
        • If the message output does not include [installed, local], kernel headers are not installed. To install them, run the command apt-get install linux-headers-$(uname -r).
    4. Run the command apt-get update.
    5. Upgrade your system by running apt-get upgrade -y.
      6. Note

      You may need to reboot the device if there is a kernel change.
    6. Navigate to the directory the DEB installer was downloaded to.
    7. Install the dependencies by running the command apt install ./agent-deb.deb.
      The installation will complete within 1–10 minutes, depending on the number of active kernel versions on the device. The output displayed during this period will indicate the installation progress.
    8. In the Configuring Secure Boot dialog box:
      1. Select OK.
      2. Enter a password.
      3. Select OK.
      4. Re-enter the password.
      5. Select OK.
    9. Reboot the device.
    10. In the Perform MOK management dialog box:
      1. Press any key.
      2. Select Enroll MOK.
      3. Select Continue.
      4. Select Yes.
      5. Enter your password from step 8b.
      6. Select Reboot.

    When the installation succeeds, proceed to Enrolling the FortiDLP Agent on Linux.

    Previous
    Next

    Installing the FortiDLP Agent on Linux

    Installing the FortiDLP Agent on Linux

    You can install the FortiDLP Agent on Linux devices running Red Hat or CentOS by using the RPM installer, or on Linux devices running Ubuntu by using the DEB installer. These installation packages are available for download from the Next DLP Support Portal or the FortiDLP Console's Agent deployment tab.

    You must install the FortiDLP Agent on each device you want to monitor.

    How to install the FortiDLP Agent on Red Hat
    1. Open a command-line interface with root privileges.
    2. Run the command yum update -y.
      3. Note

      You may need to reboot the device if there is a kernel change.
    3. Install the dependencies:
      1. Run the command dnf install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm.
      2. Run the command yum install "kernel-devel-uname-r == $(uname -r)".
      3. Run the command yum install --enablerepo=epel dkms.
    4. Install the Agent by running the command rpm -Uvh agent-rpm.rpm.

    The installation will complete within 1–10 minutes, depending on the number of active kernel versions on the device. The output displayed during this period will indicate the installation progress.

    When the installation succeeds, proceed to Enrolling the FortiDLP Agent on Linux.

    How to install the FortiDLP Agent on Ubuntu w/Secure Boot disabled
    Note

    These instructions should be followed if Secure Boot is disabled on the device.

    To verify if Secure Boot is disabled, run the command mokutil --sb-state. If it is turned off, SecureBoot disabled will be shown in the message output.
    1. Open a command-line interface with root privileges.
    2. Run the command apt-get update.
    3. Upgrade your system by running the command apt-get upgrade -y.
      4. Note

      You may need to reboot the device if there is a kernel change.
    4. Install the dependencies by running the command apt install ./agent-deb.deb.
    5. Install the Agent by running the command apt-get install -y ./agent-deb.deb.

    The installation will complete within 1–10 minutes, depending on the number of active kernel versions on the device. The output displayed during this period will indicate the installation progress.

    When the installation succeeds, proceed to Enrolling the FortiDLP Agent on Linux.

    How to install the FortiDLP Agent on Ubuntu w/Secure Boot enabled
    Note

    These instructions should be followed if Secure Boot is enabled on the device.

    To verify if Secure Boot is enabled, run the command mokutil --sb-state. If it is turned on, SecureBoot enabled will be shown in the message output.
    1. Open a command-line interface with root privileges.
    2. Verify if DKMS is installed by running the command dkms status.
      • If Command 'dkms' not found is shown in the message output, DKMS is not installed. To install it, run the command apt install dkms.
    3. Verify if the kernel headers are installed:
      1. To view the current kernel version, run the command uname -r.
      2. To check if kernel headers are installed for this current kernel version, run the command
        apt list linux-headers-$(uname -r).
        • If the message output does not include [installed, local], kernel headers are not installed. To install them, run the command apt-get install linux-headers-$(uname -r).
    4. Run the command apt-get update.
    5. Upgrade your system by running apt-get upgrade -y.
      6. Note

      You may need to reboot the device if there is a kernel change.
    6. Navigate to the directory the DEB installer was downloaded to.
    7. Install the dependencies by running the command apt install ./agent-deb.deb.
      The installation will complete within 1–10 minutes, depending on the number of active kernel versions on the device. The output displayed during this period will indicate the installation progress.
    8. In the Configuring Secure Boot dialog box:
      1. Select OK.
      2. Enter a password.
      3. Select OK.
      4. Re-enter the password.
      5. Select OK.
    9. Reboot the device.
    10. In the Perform MOK management dialog box:
      1. Press any key.
      2. Select Enroll MOK.
      3. Select Continue.
      4. Select Yes.
      5. Enter your password from step 8b.
      6. Select Reboot.

    When the installation succeeds, proceed to Enrolling the FortiDLP Agent on Linux.

    Previous
    Next