Guest Introspection supports file introspection feature for guest virtual machines having Linux operating system. File introspection offloads file scanning from a production VM to a dedicated partner security appliance SVM or DLP, a VMware appliance running on the same host. Guest Introspection supports file Introspection in Linux for anti-virus only.

Linux thin agent is available as part of the VMware Tools operating system specific packages (OSPs). Linux thin agent installation/upgrade is not connected to NSX installation/upgrade. Also, Enterprise/Security Administrator (non-NSX Administrator) can install the agent on guest VMs outside of NSX.

To install Linux thin agent on RHEL/SLES systems, use the RPM package. To install Linux thin agent on Ubuntu systems, use the DEB package.

Ensure that the guest virtual machine has ESX 5.1 or later and a supported version of Linux installed. The following Linux operating systems are supported for NSX Guest Introspection:

RHEL 7 GA (64 bit)

SLES 12 GA (64 bit)

Ubuntu 14.04 LTS (64 bit )

Note

Linux thin agent requires GLib 2.0 to be installed on the target system.

Based on your Linux operating system, perform the following steps with root privilege:

For Ubuntu systems:

a

Obtain and import the VMware packaging public keys using the following commands:

curl -O https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub

apt-key add VMWARE-PACKAGING-GPG-RSA-KEY.pub

b

Create a new file named vm.list file under /etc/apt/sources.list.d.

c

Edit the file with the following content:

vi /etc/apt/sources.list.d/vm.list
deb https://packages.vmware.com/packages/ubuntu/ trusty main

d

Now, install the package as follows:

apt-get update
apt-get install vmware-nsx-gi-file

For RHEL7 systems:

a

Obtain and import the VMware packaging public keys using the following commands:

curl -O https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub

rpm --import VMWARE-PACKAGING-GPG-RSA-KEY.pub

b

Create a new file named vm.repo file under /etc/yum.repos.d.

c

Edit the file with the following content:

vi /etc/yum.repos.d/vm.repo
[vm]
name = VMware
baseurl = https://packages.vmware.com/packages/rhel7/x86_64
enabled = 1
gpgcheck = 1
metadata_expire = 86400
ui_repoid_vars = basearch

d

Now, install the package as follows:

yum install vmware-nsx-gi-file

For SLES systems:

a

Obtain and import the VMware packaging public keys using the following commands:

curl -O https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub

rpm --import VMWARE-PACKAGING-GPG-RSA-KEY.pub

b

Add the following repository:

zypper ar -f "https://packages.vmware.com/packages/sle12/x86_64/" VMware

c

Now, install the package as follows:

zypper install vmware-nsx-gi-file

Check if the thin agent is running using the service vsepd status command with the administrative privileges. The status should be running.