G DATA MXDR

Instructions for installing the G DATA MXDR agent on Linux

You can install the G DATA Agent for Linux in a few simple steps.

Important information on using clone templates / images.

The G DATA Agent must not be installed on images that will be subsequently used to clone the image onto other systems. The installation of the G DATA Agent must always be performed after a cloning operation to ensure that incidents can be uniquely identified.

If you have the G DATA Security Client installed, uninstall it first and restart the system before installing the G DATA Agent.

Download the desired installation file in the view "Installing new endpoints".

First, switch to the root user.

su -

Depending on whether you have a Debian system or are performing the installation with RPM, the installation commands differ slightly.

4.a

.deb file (Debian based systems):

SETUPID=<setupid> apt install ./gdata-agent-amd64.deb

You can obtain a setup file and the required Setup-ID in the G DATA Web Portal in the “Install new endpoints” view.

In some cases, when installing the G DATA Agent for Linux on Debian-based systems, you may receive the following message:

N: Download is performed unsandboxed as root as file […] couldn’t be accessed by user '_apt'.

The “N” stands for Notice. You probably downloaded the file as root, and other users were not granted access rights to the file.

APT attempts to perform the installations in a sandbox using the user "_apt". However, if this user does not have access to the file, the specified alert is displayed and the installation is performed by root instead.

The agent is therefore installed normally, this is not an error, just a Notification.

You can easily bypass the alert by granting read permissions to other users (Other) before executing the file:

sudo chmod 644 ./gdata-agent-amd64.deb

or you can just utilize dpkg instead of apt to install the package:

sudo dpkg -i ./gdata-agent-amd64.deb

4.b

.rpm file:

SETUPID=<setupid> rpm -i ./gdata-agent-x86_64.rpm

Optionally, if required, the proxy settings such as PROXYPACURL, PROXYURL, PROXYUSERNAME and PROXYPASSWORD can be appended to the installation call as parameters. For more information, see the agent configuration page.

Installation example for Debian based systems:

SETUPID=<setupid> PROXYURL=<myProxyURL> PROXYUSERNAME=<myUsername> PROXYPASSWORD=<myPassword> apt install ./gdata-agent-amd64.deb

Installation example for RPM:

SETUPID=<setupid> PROXYURL=<myProxyURL> PROXYUSERNAME=<myUsername> PROXYPASSWORD=<myPassword> rpm -i ./gdata-agent-x86_64.rpm

The installation is now complete. You can customize the G DATA Agent to, for example, set proxy settings. How to do this is explained in here.

Accessibility of the G DATA cloud

To ensure the managed service, the G DATA cloud must be accessible and must not be blocked by the firewall. The following listed settings are required for this. It must be ensured that *.gdatasecurity.de and *.gdatasoftware.com can be resolved and reached.

Port sharing
- The G DATA agents on the endpoints must be able to reach the IPs of our backend servers via port TCP/443, IP range 194.156.84.0/22 (194.156.84.0 - 194.156.87.255).
Protocols
- The systems must be able to communicate via the HTTPS:// and WSS:// protocols.
TLS
- Proxy servers used must support at least TLS 1.2.
- There can be no SSL inspection or deep packet inspection.

Error handling

If the installation on a debian based Linux, the package is still installed but in the state "half configured". You can verify this with the following command.

dpkg --status gdata-agent

This lists several attributes of the agent installation, similar to this:

Package: gdata-agent
Status: install ok half-configured
Maintainer: G DATA CyberDefense AG
Architecture: amd64
Version: 2025.0715.1314
Depends: libc6 (>= 2.28)
Description: G DATA Agent for Linux by G DATA CyberDefense AG (365@gdata.de)

In case under "Status" is noted "install ok half-configured" (as in the example), it is best to uninstall the package end retry the installation process.