Manage EPM-UL Hosts

To access the hosts, a valid SSH credential with administrative rights on the host is required.

To manage Endpoint Privilege Management for Unix and Linux (EPM-UL) hosts:

1. Go to the Hosts > Host Inventory page.
2. Select a host, and then at the far right, click the ellipsis menu icon and select Perform Host Actions.

3. Choose the action to perform, and then follow the procedures in this section.

Software is installed with default configuration values, unless RNS Primary and All Components is selected. If not detected during installation, the installer generates network and REST encryption keys. All future EPM-UL installations will use these keys. The keys can be managed on the Settings page.

Install the EPM-UL Policy Server

To install the EPM-UL Policy Server:

1. Go to the Hosts > Host Inventory page.
2. Select a host, and then at the far right, click the ellipsis menu icon and select Perform Host Actions.

3. Select Endpoint Privilege Management for Unix and Linux, and then select Next Step.
4. Select Install, and then click Next Step.
5. On the Action Requirements page, select an installation template. The features enabled in the template affect the options available. The following list displays default templates.
   • All Components: All EPM-UL components will be installed except for RNS server.
   • License Server Only: Only the EPM-UL license server will be installed.
   • Policy and Log Server Only: All server components of EPM-UL will be installed except for RNS server.
   • Submit and Run Host Only: The client components of EPM-UL will be installed.
   • Primary Registry Server and All Components: All EPM-UL components will be installed including RNS server.
6. After selecting a template, you can choose to use client registration. Note that some features selected in installation templates may require or disallow using client registration. To use client registration select a Client Registration Server, and then select a Client Registration Profile.
7. If you choose not to use client registration, you can manually select multiple policy, log, and license servers if your Installation template allows it. If you are installing a new primary policy, log, or license server click the toggle switch to indicate that this host will become a new primary policy, log, or license server.

8. On the Credential Selection page, select a logon credential to access the remote system. If you cannot log on as root, then select one of the following to run the action with escalated privileges: pbrun, sudo, or sudo su. This might require choosing a second credential.

9. Review the Summary page, and then click Finish.

10. Review the Task page and verify the completed status of attempted actions under Task Summary.
11. To view more information about Task Status, click Task Details.

Upgrade the EPM-UL Policy Server

To upgrade the Policy Server to the version loaded in the console:

1. Go to the Hosts > Host Inventory page.
2. Select a host, and then at the far right, click the ellipsis menu icon and select Perform Host Actions.

3. Select Endpoint Privilege Management for Unix and Linux, and then click Next Step.
4. Select Upgrade, and then click Next Step.

5. On the Credential Selection page, select a logon credential to access the remote system. If you cannot log on as root, then select one of the following to run the action with escalated privileges: pbrun, sudo, or sudo su. This might require choosing a second credential.

6. Review the Summary page, and then click Finish.

7. Review the Task page and verify the completed status of attempted actions under Task Summary.
8. To view more information about Task Status, click Task Details.

Uninstall the EPM-UL Policy Server

To remove the Policy Server:

1. Go to the Hosts > Host Inventory page.
2. Select a host, and then at the far right, click the ellipsis menu icon and select Perform Host Actions.

3. Select Endpoint Privilege Management for Unix and Linux, and then click Next Step.
4. Select Uninstall, and then click Next Step.

5. On the Credential Selection page, select a logon credential to access the remote system. If you cannot log on as root, then select one of the following to run the action with escalated privileges: pbrun, sudo, or sudo su. This might require choosing a second credential.

6. Review the Summary page, and then click Finish.

7. Review the Task page and verify the completed status of attempted actions under Task Summary.
8. To view more information about Task Status, click Task Details.

Configure SIEM for Use With an Endpoint Privilege Management for Unix and Linux Server

To configure a SIEM connection, it must first be set up under Settings > SIEM Connections. For more information, see Manage SIEM Connections.

To configure SIEM for use with an EPM-UL server:

1. Go to the Hosts > Host Inventory page.
2. Select a host, and then at the far right, click the ellipsis menu icon and select Perform Host Actions.

3. Select Endpoint Privilege Management for Unix and Linux, and then click Next Step.
4. Select Configure a SIEM for use with one or more Endpoint Privilege Management for Unix and Linux servers, and then click Next Step.
5. On the Action Requirements page, select a SIEM connection from the dropdown.

6. On the Credential Selection page, select a logon credential to access the remote system. If you cannot log on as root, then select one of the following to run the action with escalated privileges: pbrun, sudo, or sudo su. This might require choosing a second credential.

7. Review the Summary page, and then click Finish.

8. Review the Task page and verify the completed status of attempted actions under Task Summary.
9. To view more information about Task Status, click Task Details.