TrainingSupportCommunity

Set up ETP desktop client

Suggest Edits

Before you begin

Prepare for ā€‹ETP Clientā€‹ setup.

To set up, download, and distribute the desktop version of ā€‹ETP Clientā€‹:

  1. Download ā€‹ETP Clientā€‹. For more information, see Download ā€‹ETP Clientā€‹.

  2. If you or an IT administrator are installing ā€‹ETP Clientā€‹ for the first time:

    1. Verify that the installation file is digitally signed by ā€‹Akamaiā€‹.

    2. Validate the SHA-256 checksum value. For more information, see Validate the SHA-256 checksum.

    3. Test the client software in a testing environment to confirm its behavior. Make sure you test the client in an environment that contains the same network configuration, VPN, and security applications as production.

    4. Distribute and install ā€‹ETP Clientā€‹ on corporate machines. For more information, see Install ā€‹ETP Clientā€‹.

  3. If you or an IT administrator are upgrading ā€‹ETP Clientā€‹:

    1. Verify that the installation file is digitally signed by ā€‹Akamaiā€‹.

    2. Validate the SHA-256 checksum value. For more information, see Validate the SHA-256 checksum.

    3. Test the ā€‹ETP Clientā€‹ software in a testing environment to confirm its behavior. Make sure you test the client in an environment that contains the same network configuration, VPN, and security applications as production.

    4. Approve ā€‹ETP Clientā€‹. For more information, see Approve ā€‹SIAā€‹ Client.

    5. Configure how ā€‹ETP Clientā€‹ is upgraded. For more information, see Configure ā€‹SIAā€‹ Client upgrade type.

Next steps

Add the email addresses of those you want notified about upgrades to ā€‹ETP Clientā€‹. For more information, see Add email addresses for notifications and Assign email notifications.

Download ā€‹ETP Clientā€‹

Before you begin

Review Prepare for ā€‹ETP Clientā€‹ setup and Set up the desktop client.

An ā€‹Secure Internet Access Enterpriseā€‹ (ā€‹SIAā€‹) administrator or a delegated administrator can download ā€‹ETP Clientā€‹. ā€‹SIAā€‹ also allows you to access and download all previously released versions of the client.

Depending on your operating system, these files are downloaded to your computer:

  • On Windows: etpclient_<versionNumber>_win.msi

  • On Mac: etpclient_<versionNumber>_osx.pkg

    where <versionNumber> is the version number of ā€‹ETP Clientā€‹.

To download ā€‹ETP Clientā€‹:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > ā€‹ETP Clientā€‹s.

  2. In the Versions Management tab, locate the file for your operating system. Depending on your operating system, you can also click the Win or Mac tabs to filter ā€‹ETP Clientā€‹ versions.

  3. Hover over the latest version of the client for your operating system and click the download icon.

šŸ“˜

If the browser's pop-up blocker prevents ā€‹ETP Clientā€‹ from downloading, make sure you allow pop-ups from ā€‹Akamai Control Centerā€‹.

Next steps

  1. Click the Configuration tab and copy the entitlement code to a secure location.

  2. Securely communicate the entitlement code, customer identifier, and SHA-256 checksum value to the IT administrator. To view the checksum value, hover over the client and the icon that contains the hash and check mark.

  3. Validate the SHA-256 checksum.

  4. The IT administrator tests the ā€‹ETP Clientā€‹ software in a local testing environment.

  5. After testing is complete and ā€‹ETP Clientā€‹ is ready for distribution, approve ā€‹ETP Clientā€‹. For more information, see Approve ā€‹ETP Clientā€‹.

Validate the SHA-256 checksum

Before you begin

  • Verify that the ā€‹ETP Clientā€‹ file is digitally signed by ā€‹Akamaiā€‹.

  • Make sure that the ā€‹SIAā€‹ administrator provided the SHA-256 checksum value that is visible in ā€‹SIAā€‹.

After the client file is downloaded, an IT administrator should validate the SHA-256 checksum. Depending on your operating system, use these instructions to compare the SHA-256 value provided in ā€‹SIAā€‹ with the value you get when completing this procedure for your operating system.

On Windows

To validate the SHA-256 checksum on Windows:

  1. Open a command prompt.

  2. Change directories to the location where the client file is located. For example, if the file is located in your Downloads folder, you can enter this command and press Enter:

    cd c:\users\<name>\downloads

    where <name> is the name of your user folder.

  3. Type this command to generate the checksum value and press Enter:

    certutil -hashfile <filename> SHA256

    where <filename> is the name of the .msi file

  4. Verify that the returned checksum value matches the SHA-256 value in ā€‹SIAā€‹. If the values do not match, contact the ā€‹SIAā€‹ administrator to download the client file again and repeat this procedure.

Next steps

The IT administrator tests ā€‹ETP Clientā€‹ software in a testing environment. Make sure ā€‹ETP Clientā€‹ is tested in an environment that contains the same network configuration, VPN, and security applications as production.

On Mac

To validate the SHA-256 checksum on Mac:

  1. Open a terminal window.

  2. Enter this command:

    shasum -a 256 <fileLocation>

    where <fileLocation> is the full path of the .pkg file on your computer.

    You can also drag and drop the file to the terminal window. The full path appears.

  3. Press Enter. The SHA-256 checksum appears.

  4. Verify that the returned checksum value matches the SHA-256 value in ā€‹SIAā€‹. If the values do not match, contact the ā€‹SIAā€‹ administrator to download the client file again and repeat this procedure.

Next steps

The IT administrator tests ā€‹ETP Clientā€‹ software in a testing environment. Make sure ā€‹ETP Clientā€‹ is tested in an environment that contains the same network configuration, VPN, and security applications as production.

Approve ā€‹ETP Clientā€‹

Before you begin

Download and test ā€‹ETP Clientā€‹. See Download ā€‹ETP Clientā€‹.

You need to approve ā€‹ETP Clientā€‹ before it is installed on end user machines or eligible for upgrade. An IT administrator needs to test the client software before it is approved.

To undo ā€‹ETP Clientā€‹ approval, see Undo ā€‹ETP Clientā€‹ approval.

You need to be an ā€‹SIAā€‹ administrator to perform this task.

To approve ā€‹ETP Clientā€‹:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > ā€‹ETP Clientā€‹s.

  2. In the Versions Management tab, locate the file for your operating system. Depending on your operating system, you can also click the Win or Mac tabs to filter client versions.

  3. Hover over the client and click the Approve icon.

Next steps

After the client is approved, you can configure how end users are upgraded when a new version of the client is available. For more information, see Configure ā€‹ETP Clientā€‹ upgrade type.

Configure ā€‹ETP Clientā€‹ upgrade type

Before you begin

Approve ā€‹ETP Clientā€‹.

After approving ā€‹ETP Clientā€‹, you can select how the client is upgraded on end user machines. You can select from these upgrade options:

  • On Demand: Selected by default. End users are notified when an upgrade is available. End users can select to upgrade or they can select to be reminded about the upgrade in 1, 3, or 7 days.

  • Force Upgrade: ā€‹ETP Clientā€‹ is automatically upgraded. This option does not require that an end user start the upgrade process.

To configure ā€‹ETP Clientā€‹ upgrade type:

  1. In the Threat Protection menu of Enterprise Center, select Clients & Connectors > ā€‹ETP Clientā€‹s.

  2. Go to the approved ā€‹ETP Clientā€‹, in the Status column, select one of these options:

    • On Demand
    • Force Upgrade

Install ā€‹ETP Clientā€‹

After ā€‹ETP Clientā€‹ is approved in ā€‹SIAā€‹, an IT administrator distributes the client files to corporate machines with a networked device management solution, such as KACE. You can install ā€‹ETP Clientā€‹ on Windows or Mac with a setup wizard or with the command line.

You activate the client on enterprise machines with an entitlement code. If you plan to let users activate the client on their personal computer, make sure the user has the required activation code. To view the entitlement code, see View the entitlement code. For more information on the activation code, see Bring your own device (BYOD) support.

šŸ“˜

If you use pip and your organization has enabled ā€‹SIAā€‹ Proxy, make sure you also add the ā€‹SIAā€‹ Proxy TLS MITM certificate to the pip configuration file. In the pip.conf file, add this entry:

[global]
cert = /path/certificate.pem

where:
- path is the path to the certificate
- certificate is the name of the certificate

Install with the setup wizard

Before you begin

  • Make sure that you have a downloaded Windows or Mac installation file for ā€‹ETP Clientā€‹. For more information, see Download ā€‹ETP Clientā€‹.

  • Make sure that you verified the SHA-256 checksum value. For more information, see Validate the SHA-256 checksum.

  • Make sure that you have an entitlement code or activation code. To view the entitlement code, see View the entitlement code. For more information on the activation code, see Bring your own device (BYOD) support.

  • If you are installing ā€‹ETP Clientā€‹ 3.2.0 or later on Windows and Microsoft Visual C++ is not on the machine, install the redistributable package of Visual Studio (vc_redist.x86.exe). To download this package, see Microsoft documentation on the latest supported versions of Visual C++.

  • Make sure Web Proxy Auto-Discovery (WPAD) for WinHTTP is running on Windows computers. For more information, see Web Proxy Auto-Discovery (WPAD) on Windows.

These steps describe the installation process with the ā€‹ETP Clientā€‹ setup wizard. You can perform these steps on a Mac or Windows machine. Test ā€‹ETP Clientā€‹ in a local environment before installing it on end-user machines.

To install ā€‹ETP Clientā€‹ on an end-user laptop:

Note that after completing this installation process, you can enter an entitlement code or an activation code.

  1. Open the installation file:

    • On Windows: etpclient_<versionNumber>_win.msi

    • On Mac: etpclient_<versionNumber>_osx.pkg

      where <versionNumber> is the version number of ā€‹ETP Clientā€‹.

      The client setup wizard appears.

  2. Click Next or Continue.

    The Setup Wizard installs ā€‹ETP Clientā€‹.

  3. When the installation is complete, click Next and then click Finish.

    ā€‹ETP Clientā€‹ is now installed on the end user's machine.

Next steps

  • After installation, you are prompted for an activation or entitlement code. Enter the code and click Next.

  • If you install version 4.3 or later on macOS, enable ā€‹ETP Clientā€‹ network extensions. Do the following:

    1. After installation, a message indicates you must enable the ā€‹ETP Clientā€‹ network extensions. From the prompt, click Open Security Preferences. Otherwise, in the Apple menu, you can select System Preferences, and then select Security & Privacy.

    2. If the settings are locked, click the lock icon and enter the system password to unlock the settings.

    3. In the General tab, a message states that the extensions were blocked from loading. Next to this message, click Allow.

Install with a command line

Before you begin

  • Make sure that you have a downloaded Windows or Mac installation file for ā€‹ETP Clientā€‹. For more information, see Download ā€‹ETP Clientā€‹.

  • Make sure that you have an entitlement code or activation code. To view the entitlement code, see View the entitlement code. For more information on the activation code, see Bring your own device (BYOD) support.

  • If you are installing ā€‹ETP Clientā€‹ on a Mac with the command line, you need to create a bootstrap.txt file that contains the entitlement code only. Save the bootstrap.txt file in the same file location as the package.

  • If you are installing ā€‹ETP Clientā€‹ 3.2.0 or later on Windows and Microsoft Visual C++ is not on the machine, install the redistributable package of Visual Studio (vc_redist.x86.exe). To download this package, see Microsoft documentation on the latest supported versions of Visual C++.

  • Make sure Web Proxy Auto-Discovery (WPAD) for WinHTTP is running on Windows computers. For more information, see Web Proxy Auto-Discovery (WPAD) on Windows.

Perform this procedure to install ā€‹ETP Clientā€‹ with a command line. Select the steps that apply to your operating system.

On Windows

To install ā€‹ETP Clientā€‹ with the command line on Windows:

  1. Open Command Prompt as an administrator.

  2. If necessary, change directories to the location where the installation files are located.

  3. Enter the following command and press Enter:

    msiexec /i etpclient_<versionNumber>.msi CODE="<entitlement_code>" /q

    where:

    • <versionNumber> is the version number of ā€‹ETP Clientā€‹

    • <code> is the entitlement code or activation code. If you're using the command line to distribute the ā€‹ETP Clientā€‹ across many computers with device management software, enter the entitlement code. If you're activating the client on a user's personal computer, you can enter an entitlement code or an activation code.

On Mac

šŸ“˜

Make sure that you create a bootstrap.txt file that contains the entitlement code only. Save the bootstrap.txt file in the same file location as the package.

To install ā€‹ETP Clientā€‹ with command line on Mac:

  1. Open a terminal window.

  2. If necessary, change directories to the location where the installation files are located.

  3. Enter the following command and press Enter:

    sudo launchctl setenv activation_code <code> && sudo installer -pkg <path_installation_file> -target /

    where

    • <code> is the entitlement code or activation code. If you're using the command line to distribute the ā€‹ETP Clientā€‹ across many computers with device management software, enter the entitlement code. If you're activating the client on a user's personal computer, you can enter an entitlement code or an activation code.

    • <path_installation_file> is the path to the installation file.

Next steps:

If you install version 4.3 or later on macOS, enable ā€‹ETP Clientā€‹ network extensions. Do the following:

  1. After installation, a message indicates you must enable the ā€‹ETP Clientā€‹ network extensions. From the prompt, click Open Security Preferences. Otherwise, in the Apple menu, you can select System Preferences, and then select Security & Privacy.

  2. If the settings are locked, click the lock icon and enter the system password to unlock the settings.

  3. In the General tab, a message states that the extensions were blocked from loading. Next to this message, click Allow.

Updated 3 months ago