Enroll Asset

Once you’ve created or selected your team, the download option will be made available to you. When you click the download button, the package is built behind the scenes (this may take a few moments to complete) and is then downloaded automatically.

Installer OSX

Once the installer has downloaded, double-click the package in your downloads folder to start the installation.

If the package fails to run, check your security settings under Security & Privacy in the OSX System Preferences.

Introduction: Gives a brief summary of what this installer will do, including the packages that will be installed.

Read Me: Gives a more in-depth breakdown of the packages that will be installed and links to the relevant documentation.

License: Zercurity’s license agreement. Please take the time to read through this.

Destination Select: By default Zercurity will and must be installed to the primary disk on your Mac. Please do not change the destination path unless you know what you’re doing.

Installation Type: By default all packages will be installed. We recommend not changing the packages that will be installed unless you’ve customised or pre-compiled the binaries yourself.

Installation: The installation will now take place. This will take a few minutes to install the various packages and register with the Zercurity server.

Summary: This is the final part of the installation. Upon a successful installation you can now visit the Assets section on the Zercurity dashboard to see your new asset.

Installer OSX (MDM)

Zercurity can be deployed using an MDM.

JAMF Now

Once you’ve logged into Jamf Now, proceed to the application management view from the left-hand menu. At the top, click Add an app.

Use the Upload your app tab to select your zercurity.pkg and then wait for the upload to complete before naming your new application e.g. Zercurity 2.2.

Next, from the left-hand menu, head over to your company’s blueprints. Select the blueprint you want to apply the Zercurity PKG to. In most cases this will just be the default blueprint.

First, from the Apps tab, click Add an app and search for the app you added earlier, Zercurity 2.2.

Warning

For MacOSX 10.15 (Catalina), Osquery requires a custom profile to be applied to the system, which can only be installed via an MDM. This Transparency, Consent and Control (TCC) profile gives Osquery greater access and visibility over the system.

To apply the Zercurity TCC profile you can add it to your current blueprint. Simply select the Custom Profiles tab and then select Add a Custom Profile. You can download Zercurity’s TCC mobileconfig.

Once you’ve done all that, JAMF will automatically install Zercurity onto your fleet.

Installer Linux (Debian)

This section will walk you through the installation of Zercurity on a Debian-based host. Zercurity should work with:

  • Ubuntu
  • Debian

Before downloading the Debian package (.deb), there are some prerequisites you’ll need to run first.

export OSQUERY_KEY=1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys $OSQUERY_KEY
sudo add-apt-repository "deb [arch=amd64] https://pkg.osquery.io/deb deb main"
sudo apt-get update
sudo apt-get install osquery

Once you’ve installed the dependencies, you can then install the zercurity-2.0.deb package like so.

sudo dpkg -i zercurity-2.0.deb

The installer will take a few moments to complete. Upon a successful installation you can now visit the Assets section on the Zercurity dashboard to see your new asset.

Installer Linux (RHEL)

This section will walk you through the installation of Zercurity on a RHEL-based host. Zercurity should work with:

  • Redhat
  • Centos
  • Fedora

Before downloading the RHEL package (.rpm), there are some prerequisites you’ll need to run first.

curl -L https://pkg.osquery.io/rpm/GPG | sudo tee /etc/pki/rpm-gpg/RPM-GPG-KEY-osquery
sudo yum-config-manager --add-repo https://pkg.osquery.io/rpm/osquery-s3-rpm.repo
sudo yum-config-manager --enable osquery-s3-rpm
sudo yum install osquery

Once you’ve installed the dependencies, you can then install the zercurity-2.0-1.x86_64.rpm package like so.

sudo yum install zercurity-2.0-1.x86_64.rpm

The installer will take a few moments to complete. Upon a successful installation you can now visit the Assets section on the Zercurity dashboard to see your new asset.

Installer Windows (Standalone)

Once the installer has downloaded, double-click the MSI (Windows Installer). This will start the installation of Zercurity. The Windows installer requires administrator privileges.

Once the installation has finished, the Assets will be available immediately. You’re free to delete the installer.

Lastly, if you want to capture a verbose log of the installation you can run:

msiexec /i zercurity-2.1.msi /L*v C:\temp\install.txt

Installer Windows (Active Directory)

As Zercurity comes as an MSI it can be distributed to client machines with an Active Directory GPO (Group Policy Object). Before continuing you must have both Active Directory (AD) installed and a Windows File Server, from which to serve the MSI.

This walkthrough uses Windows Server 2016 Datacenter edition.

From your Windows Server, open the Windows Server Manager (which should launch automatically upon login). Select Tools -> Group Policy Management.

This will open the Group Policy Management window. Within your organisational structure you can apply GPOs to specific teams within your domain.

In this example, however, we’re going to apply our new policy to the entire domain. This means that every computer managed under the AD domain will have Zercurity installed.

Under your domain, right-click Group Policy Objects and select New from the context menu.

Provide a name for your new Group Policy Object. We’ve called ours Zercurity Installer.

Click on your newly created GPO. In the right pane at the bottom, under the heading “Security Filtering”, click on and remove the “Authenticated Users” entry. If you want this program deployed on certain computers, add all of the specific computer names that you want the software to be deployed on. Otherwise, if you want it on all computers, add the group “Domain Computers”.

Go back up to your domain (in the navigation pane) and right-click it. Click “Link an existing GPO”. Click your new GPO’s name and click OK.

Now go back to the GPO under the “Group Policy Objects” folder, right-click it and select Edit from the context menu.

This will now open the Group Policy Management Editor for our Zercurity Installer GPO.

Under Policies -> Software Settings there’s a tree item called Software installation. Right-click it and select New -> Package from the context menu.

You’ll now need to provide a valid network path for the Zercurity installer.

IMPORTANT: zercurity-2.1.msi must be hosted on an accessible and readable drive on the network. You can use Windows File Server to host the installer.

Accept the default setting of Assigned and click OK.

That’s it. Zercurity will now be installed when a user next logs onto their machine and you’ll see it listed on Zercurity’s Assets page.

If you are testing this on your local computer first, you can force the installation of Zercurity onto client machines by running the gpupdate command. This will cause the system to be restarted, as Zercurity is installed before the user logs in.

gpupdate /target:computer /force

If you need any help, please raise a ticket via the Zercurity application.

Installer Docker (Ubuntu)

To run Zercurity inside a Docker container please follow these steps.

docker run --name zercurity_ubuntu -ti -d --privileged=true ubuntu:latest  "/sbin/init"
docker exec -it zercurity_ubuntu /bin/bash

Before downloading the Debian package (.DEB), there are some prerequisites you’ll need to run first.

apt-get update && apt-get upgrade
apt-get install software-properties-common apt-transport-https wget rsyslog

export OSQUERY_KEY=1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys $OSQUERY_KEY
add-apt-repository "deb [arch=amd64] https://pkg.osquery.io/deb deb main"
apt-get update
apt-get install osquery

Download the Zercurity DEB to your system and install it like so:

dpkg -i zercurity-2.0.deb

You should now see the docker asset displayed on your dashboard.
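
An added example (not part of the Zercurity or osquery documentation) of the osquery prerequisite step used in the Debian and Docker (Ubuntu) sections: it fetches the key into a throwaway keyring, checks that the primary fingerprint equals the OSQUERY_KEY value above, and scopes the key to the osquery repository with signed-by, whereas apt-key adds it to apt's global trust for every repository. The keyring and list file paths and the function names are assumptions, and the sample listing is constructed for offline checking.

```sh
#!/bin/sh
# Added example: scope the osquery signing key to its own repository.
OSQUERY_KEY=1484120AC4E9F8A1A577AEEE97A80C63C9D8B80B  # fingerprint given on this page
KEYRING=/usr/share/keyrings/osquery.gpg               # assumed keyring path
LIST=/etc/apt/sources.list.d/osquery.list             # assumed list file path

# Reads `gpg --with-colons` output on stdin. Succeeds only if it holds exactly
# one primary key and that key's fingerprint equals $1 (case-insensitive).
# Subkey fingerprints are ignored.
primary_fpr_is() {
  awk -F: -v want="$(printf '%s' "$1" | tr 'a-f' 'A-F')" '
    $1 == "pub" { pubs++; primary = 1; next }
    $1 == "fpr" && primary { if (toupper($10) == want) ok = 1; primary = 0 }
    END { exit !(ok && pubs == 1) }'
}

# Constructed listing for offline checks: primary fingerprint $1, subkey $2.
sample_listing() {
  printf 'pub:-:4096:1:0000000000000000:0:\nfpr:::::::::%s:\n' "$1"
  printf 'sub:-:4096:1:0000000000000000:0:\nfpr:::::::::%s:\n' "$2"
}

install_osquery_repo() (
  if [ "$(id -u)" -eq 0 ]; then SUDO=; else SUDO=sudo; fi  # root inside a container
  GNUPGHOME=$(mktemp -d) || exit 1   # throwaway keyring, removed below
  export GNUPGHOME
  gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$OSQUERY_KEY" &&
  gpg --batch --list-keys --with-colons --with-fingerprint |
    primary_fpr_is "$OSQUERY_KEY" &&
  gpg --batch --export "$OSQUERY_KEY" | $SUDO tee "$KEYRING" >/dev/null &&
  echo "deb [arch=amd64 signed-by=$KEYRING] https://pkg.osquery.io/deb deb main" |
    $SUDO tee "$LIST" >/dev/null &&
  $SUDO apt-get update && $SUDO apt-get install osquery
  rc=$?
  rm -rf "$GNUPGHOME"
  [ "$rc" -eq 0 ] || echo "osquery repo not configured (fetch or fingerprint check failed)" >&2
  exit "$rc"
)

# Only touch the system when asked to: sh osquery-repo.sh --apply
[ "${1:-}" != "--apply" ] || install_osquery_repo
```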

Installer Docker (CentOS)

To run Zercurity inside a Docker container please follow these steps.

docker run --name zercurity_centos -ti -d --privileged=true centos:latest  "/sbin/init"
docker exec -it zercurity_centos /bin/bash

Before downloading the RPM package (.RPM), there are some prerequisites you’ll need to run first.

yum update && yum upgrade
yum install sysvinit-tools

curl -L https://pkg.osquery.io/rpm/GPG | tee /etc/pki/rpm-gpg/RPM-GPG-KEY-osquery
yum-config-manager --add-repo https://pkg.osquery.io/rpm/osquery-s3-rpm.repo
yum-config-manager --enable osquery-s3-rpm
yum install osquery

Download the Zercurity RPM to your system and install it like so:

yum install zercurity-2.0.rpm

You should now see the docker asset displayed on your dashboard.