Set up ETP desktop client
Before you begin
Prepare for āETP Clientā setup.
To set up, download, and distribute the desktop version of āETP Clientā:
-
Download āETP Clientā. For more information, see Download āETP Clientā.
-
If you or an IT administrator are installing āETP Clientā for the first time:
-
Verify that the installation file is digitally signed by āAkamaiā.
-
Validate the SHA-256 checksum value. For more information, see Validate the SHA-256 checksum.
-
Test the client software in a testing environment to confirm its behavior. Make sure you test the client in an environment that contains the same network configuration, VPN, and security applications as production.
-
Distribute and install āETP Clientā on corporate machines. For more information, see Install āETP Clientā.
-
-
If you or an IT administrator are upgrading āETP Clientā:
-
Verify that the installation file is digitally signed by āAkamaiā.
-
Validate the SHA-256 checksum value. For more information, see Validate the SHA-256 checksum.
-
Test the āETP Clientā software in a testing environment to confirm its behavior. Make sure you test the client in an environment that contains the same network configuration, VPN, and security applications as production.
-
Approve āETP Clientā. For more information, see Approve āSIAā Client.
-
Configure how āETP Clientā is upgraded. For more information, see Configure āSIAā Client upgrade type.
-
Next steps
Add the email addresses of those you want notified about upgrades to āETP Clientā. For more information, see Add email addresses for notifications and Assign email notifications.
Download āETP Clientā
Before you begin
Review Prepare for āETP Clientā setup and Set up the desktop client.
An āSecure Internet Access Enterpriseā (āSIAā) administrator or a delegated administrator can download āETP Clientā. āSIAā also allows you to access and download all previously released versions of the client.
Depending on your operating system, these files are downloaded to your computer:
-
On Windows:
etpclient_<versionNumber>_win.msi
-
On Mac:
etpclient_<versionNumber>_osx.pkg
where <versionNumber> is the version number of āETP Clientā.
To download āETP Clientā:
-
In the Threat Protection menu of Enterprise Center, select Clients & Connectors > āETP Clientās.
-
In the Versions Management tab, locate the file for your operating system. Depending on your operating system, you can also click the Win or Mac tabs to filter āETP Clientā versions.
-
Hover over the latest version of the client for your operating system and click the download icon.
If the browser's pop-up blocker prevents āETP Clientā from downloading, make sure you allow pop-ups from āAkamai Control Centerā.
Next steps
-
Click the Configuration tab and copy the entitlement code to a secure location.
-
Securely communicate the entitlement code, customer identifier, and SHA-256 checksum value to the IT administrator. To view the checksum value, hover over the client and the icon that contains the hash and check mark.
-
The IT administrator tests the āETP Clientā software in a local testing environment.
-
After testing is complete and āETP Clientā is ready for distribution, approve āETP Clientā. For more information, see Approve āETP Clientā.
Validate the SHA-256 checksum
Before you begin
-
Verify that the āETP Clientā file is digitally signed by āAkamaiā.
-
Make sure that the āSIAā administrator provided the SHA-256 checksum value that is visible in āSIAā.
After the client file is downloaded, an IT administrator should validate the SHA-256 checksum. Depending on your operating system, use these instructions to compare the SHA-256 value provided in āSIAā with the value you get when completing this procedure for your operating system.
On Windows
To validate the SHA-256 checksum on Windows:
-
Open a command prompt.
-
Change directories to the location where the client file is located. For example, if the file is located in your Downloads folder, you can enter this command and press Enter:
cd c:\users\<name>\downloads
where <name> is the name of your user folder.
-
Type this command to generate the checksum value and press Enter:
certutil -hashfile <filename> SHA256
where <filename> is the name of the .msi file
-
Verify that the returned checksum value matches the SHA-256 value in āSIAā. If the values do not match, contact the āSIAā administrator to download the client file again and repeat this procedure.
Next steps
The IT administrator tests āETP Clientā software in a testing environment. Make sure āETP Clientā is tested in an environment that contains the same network configuration, VPN, and security applications as production.
On Mac
To validate the SHA-256 checksum on Mac:
-
Open a terminal window.
-
Enter this command:
shasum -a 256 <fileLocation>
where <fileLocation> is the full path of the .pkg file on your computer.
You can also drag and drop the file to the terminal window. The full path appears.
-
Press Enter. The SHA-256 checksum appears.
-
Verify that the returned checksum value matches the SHA-256 value in āSIAā. If the values do not match, contact the āSIAā administrator to download the client file again and repeat this procedure.
Next steps
The IT administrator tests āETP Clientā software in a testing environment. Make sure āETP Clientā is tested in an environment that contains the same network configuration, VPN, and security applications as production.
Approve āETP Clientā
Before you begin
Download and test āETP Clientā. See Download āETP Clientā.
You need to approve āETP Clientā before it is installed on end user machines or eligible for upgrade. An IT administrator needs to test the client software before it is approved.
To undo āETP Clientā approval, see Undo āETP Clientā approval.
You need to be an āSIAā administrator to perform this task.
To approve āETP Clientā:
-
In the Threat Protection menu of Enterprise Center, select Clients & Connectors > āETP Clientās.
-
In the Versions Management tab, locate the file for your operating system. Depending on your operating system, you can also click the Win or Mac tabs to filter client versions.
-
Hover over the client and click the Approve icon.
Next steps
After the client is approved, you can configure how end users are upgraded when a new version of the client is available. For more information, see Configure āETP Clientā upgrade type.
Configure āETP Clientā upgrade type
Before you begin
After approving āETP Clientā, you can select how the client is upgraded on end user machines. You can select from these upgrade options:
-
On Demand: Selected by default. End users are notified when an upgrade is available. End users can select to upgrade or they can select to be reminded about the upgrade in 1, 3, or 7 days.
-
Force Upgrade: āETP Clientā is automatically upgraded. This option does not require that an end user start the upgrade process.
To configure āETP Clientā upgrade type:
-
In the Threat Protection menu of Enterprise Center, select Clients & Connectors > āETP Clientās.
-
Go to the approved āETP Clientā, in the Status column, select one of these options:
- On Demand
- Force Upgrade
Install āETP Clientā
After āETP Clientā is approved in āSIAā, an IT administrator distributes the client files to corporate machines with a networked device management solution, such as KACE. You can install āETP Clientā on Windows or Mac with a setup wizard or with the command line.
You activate the client on enterprise machines with an entitlement code. If you plan to let users activate the client on their personal computer, make sure the user has the required activation code. To view the entitlement code, see View the entitlement code. For more information on the activation code, see Bring your own device (BYOD) support.
If you use pip and your organization has enabled āSIAā Proxy, make sure you also add the āSIAā Proxy TLS MITM certificate to the pip configuration file. In the pip.conf file, add this entry:
[global] cert = /path/certificate.pem
where:
- path is the path to the certificate
- certificate is the name of the certificate
Install with the setup wizard
Before you begin
-
Make sure that you have a downloaded Windows or Mac installation file for āETP Clientā. For more information, see Download āETP Clientā.
-
Make sure that you verified the SHA-256 checksum value. For more information, see Validate the SHA-256 checksum.
-
Make sure that you have an entitlement code or activation code. To view the entitlement code, see View the entitlement code. For more information on the activation code, see Bring your own device (BYOD) support.
-
If you are installing āETP Clientā 3.2.0 or later on Windows and Microsoft Visual C++ is not on the machine, install the redistributable package of Visual Studio (vc_redist.x86.exe). To download this package, see Microsoft documentation on the latest supported versions of Visual C++.
-
Make sure Web Proxy Auto-Discovery (WPAD) for WinHTTP is running on Windows computers. For more information, see Web Proxy Auto-Discovery (WPAD) on Windows.
These steps describe the installation process with the āETP Clientā setup wizard. You can perform these steps on a Mac or Windows machine. Test āETP Clientā in a local environment before installing it on end-user machines.
To install āETP Clientā on an end-user laptop:
Note that after completing this installation process, you can enter an entitlement code or an activation code.
-
Open the installation file:
-
On Windows:
etpclient_<versionNumber>_win.msi
-
On Mac:
etpclient_<versionNumber>_osx.pkg
where <versionNumber> is the version number of āETP Clientā.
The client setup wizard appears.
-
-
Click Next or Continue.
The Setup Wizard installs āETP Clientā.
-
When the installation is complete, click Next and then click Finish.
āETP Clientā is now installed on the end user's machine.
Next steps
-
After installation, you are prompted for an activation or entitlement code. Enter the code and click Next.
-
If you install version 4.3 or later on macOS, enable āETP Clientā network extensions. Do the following:
-
After installation, a message indicates you must enable the āETP Clientā network extensions. From the prompt, click Open Security Preferences. Otherwise, in the Apple menu, you can select System Preferences, and then select Security & Privacy.
-
If the settings are locked, click the lock icon and enter the system password to unlock the settings.
-
In the General tab, a message states that the extensions were blocked from loading. Next to this message, click Allow.
-
Install with a command line
Before you begin
-
Make sure that you have a downloaded Windows or Mac installation file for āETP Clientā. For more information, see Download āETP Clientā.
-
Make sure that you have an entitlement code or activation code. To view the entitlement code, see View the entitlement code. For more information on the activation code, see Bring your own device (BYOD) support.
-
If you are installing āETP Clientā on a Mac with the command line, you need to create a
bootstrap.txt
file that contains the entitlement code only. Save thebootstrap.txt
file in the same file location as the package. -
If you are installing āETP Clientā 3.2.0 or later on Windows and Microsoft Visual C++ is not on the machine, install the redistributable package of Visual Studio (vc_redist.x86.exe). To download this package, see Microsoft documentation on the latest supported versions of Visual C++.
-
Make sure Web Proxy Auto-Discovery (WPAD) for WinHTTP is running on Windows computers. For more information, see Web Proxy Auto-Discovery (WPAD) on Windows.
Perform this procedure to install āETP Clientā with a command line. Select the steps that apply to your operating system.
On Windows
To install āETP Clientā with the command line on Windows:
-
Open Command Prompt as an administrator.
-
If necessary, change directories to the location where the installation files are located.
-
Enter the following command and press Enter:
msiexec /i etpclient_<versionNumber>.msi CODE="<entitlement_code>" /q
where:
-
<versionNumber> is the version number of āETP Clientā
-
<code> is the entitlement code or activation code. If you're using the command line to distribute the āETP Clientā across many computers with device management software, enter the entitlement code. If you're activating the client on a user's personal computer, you can enter an entitlement code or an activation code.
-
On Mac
Make sure that you create a
bootstrap.txt
file that contains the entitlement code only. Save thebootstrap.txt
file in the same file location as the package.
To install āETP Clientā with command line on Mac:
-
Open a terminal window.
-
If necessary, change directories to the location where the installation files are located.
-
Enter the following command and press Enter:
sudo launchctl setenv activation_code <code> && sudo installer -pkg <path_installation_file> -target /
where
-
<code> is the entitlement code or activation code. If you're using the command line to distribute the āETP Clientā across many computers with device management software, enter the entitlement code. If you're activating the client on a user's personal computer, you can enter an entitlement code or an activation code.
-
<path_installation_file> is the path to the installation file.
-
Next steps:
If you install version 4.3 or later on macOS, enable āETP Clientā network extensions. Do the following:
-
After installation, a message indicates you must enable the āETP Clientā network extensions. From the prompt, click Open Security Preferences. Otherwise, in the Apple menu, you can select System Preferences, and then select Security & Privacy.
-
If the settings are locked, click the lock icon and enter the system password to unlock the settings.
-
In the General tab, a message states that the extensions were blocked from loading. Next to this message, click Allow.
Updated 3 months ago