Silent installation
For deploying Guardicore Platform Agent on multiple workstations, consider using software deployment solutions. Command-line installation is supported, though specific commands vary depending on your environment.
Silent installation requires downloading platform-specific installers (Windows or Mac). You can append optional arguments to the installation command to preconfigure Guardicore Platform Agent with an IdP hostname, ETP entitlement or activation code, and other settings.
Before installation, the silent installer removes any existing version of Guardicore Platform Agent.
Manual upgrade and OTA upgrade limitations
When updating the agent to a new version, only the
AUTO_START,MINIMIZED, andALLOW_DOWNGRADEparameters are honored and applied during installation.
Akamai Guardicore Platform Agent silent install on Windows
How to
- Download the latest Guardicore Platform Agent installer for Windows from Enterprise Center.
- Open the command line (
cmd), navigate to your downloads directory, and enter the following command to start the silent installation. Replace<version>with the version number from the downloaded installer file.
msiexec /i <GuardicorePlatformAgent-<version>-windows.msi> /quiet
- The installation starts and runs silently. After the installation is complete, the Guardicore Platform Agent window opens. If you encounter any issues during the installation, refer to the troubleshooting section.
You can use the following optional parameters:
| Parameter | What it does |
|---|---|
IDP="youridphostname.com" | Specifies the hostname of your Identity Provider (IdP) for authentication after installation. Enter the IdP hostname without the https:// protocol prefix. |
TOKEN="ETP activation or entitlement code" | Activates Threat Protection with an ETP activation or entitlement code after installation. If you're using the command line to distribute the Guardicore Platform Agent across many computers with device management software, enter the entitlement code. If you're activating the agent on a user's personal computer, you can enter an entitlement code or an activation code. |
AUTO_START="no"|"yes" | Set to no to prevent the Guardicore Platform Agent GUI from launching automatically after successful installation. Note that if the user manually starts the agent, it will automatically launch from then on at OS boot, unless you specify START_ON_BOOT="no".This parameter isn't usually needed. Use it only if you have a strong reason to do so. Set to yes to launch Guardicore Platform Agent automatically after successful installation.If unspecified, this parameter defaults to yes. |
START_ON_BOOT="no"|"yes" | Set to no to prevent the Guardicore Platform Agent GUI from launching automatically at OS startup. This parameter suppresses the autostart functionality, even if the user has manually started the client in the past.With Threat Protection enabled in Enterprise Center, Guardicore Platform Agent onboards traffic to SIA even if the GUI is not running. With Access enabled in Enterprise Center, Guardicore Platform Agent doesn’t onboard traffic to EAA if the GUI is not running or the user is not authenticated. Set to yes to launch Guardicore Platform Agent automatically at OS startup.If unspecified, this parameter defaults to yes. |
MINIMIZED="yes"|"no" | Set to yes to start the Guardicore Platform Agent GUI minimized after successful installation.Set to no to display the Guardicore Platform Agent GUI after successful installation.If unspecified, this parameter defaults to no.This parameter applies only if autostart isn’t disabled with the AUTO_START="no" parameter. |
AZTC_LANG="<language>" | Sets the display language. English is the default language. Available values are the following: Japanese, Brasil. |
FORWARD_PROXY="enable" | Proxy is disabled by default. Specifying this parameter with an enable value launches the agent with Remote Proxy enabled after successful installation. This lets Guardicore Platform Agent use your manually configured OS proxy settings.To learn more about using proxies with Guardicore Platform Agent, refer to the proxy documentation. |
FORWARD_PROXY_URL=<protocol>://<host>:<port> | With FORWARD_PROXY enabled, this parameter lets you use a PAC file and specify your forward proxy’s protocol, hostname, and port.Accepted protocols: httpsAccepted hosts: IPv4, IPv6, and domain name If you’d like to use an IPv6 address in a URL, encase it in a bracket. For example: https://[2001:db8::1]:80If your organization uses a PAC file, you need to modify it for it to work with Guardicore Platform Agent. Contact your Akamai account representative for assistance. To learn more about using proxies with Guardicore Platform Agent, refer to the proxy documentation. |
GC_OFFLINE_INSTALL="true"|"false" | When set to true, Segmentation is installed using the Agent version bundled with the installer (network connectivity to the Aggregator is not required). |
GC_SERVER_ADDRESSES="<aggregator_address>:<aggregator_port>,<aggregator_address>:<aggregator_port>" | Comma-separated Aggregator IP addresses or hostnames. Addresses are provided by the Centra technical platform owner. |
GC_PASSWORD="<password>" | Agent installation passphrase. Retrieve from the Centra UI: Administration → System → Configuration → Agents installation → Agents installation password |
GC_DATA_PATH="<dir>" | Sets custom installation path for the Segmentation data files (certificates, log files, configuration, and storage). |
GC_LOGGING_PROFILE="<profile>" | Sets the logging rotation profile for the Segmentation agent ('min', 'max' or 'medium'). |
GC_PROFILE="<profile>" | Install Segmentation agent modules from a specific profile. |
GC_LABELS="<key1:value1,..,keyN:valueN >" | List of labels in the form of key1:value1,key2:value2 for labeling the Segmentation agent instance. |
GC_OVERRIDE_UUID_FILE _RELOAD="true" | Don't use semi-persistent UUID file to mark agent UUID (Windows 2003 and above). |
WITH_ETP="false" | Set to false to permanently disable Threat Protection on the workstation, even if it’s available in your contract and configured in Enterprise Center.To re-enable Threat Protection, reinstall the agent without this parameter. |
ALLOW_DOWNGRADE="yes" | By default, Guardicore Platform Agent prevents end-users from manually downgrading to an older version of the agent. If the end-user attempts to install an older version of the agent, the installation fails and agent operation remains uninterrupted. By specifying this parameter with a yes value, you allow your end-users to downgrade the agent using an older version of the Guardicore Platform Agent installer.This parameter applies only to manual downgrade attempts. You can deploy a client downgrade from Enterprise Center regardless of this setting. |
Example
The following command silently installs Guardicore Platform Agent with a pre-configured IdP hostname:
msiexec /i <GuardicorePlatformAgent-<version>-windows.msi> IDP="connect.company.com" /quiet
Next, you can configure your Akamai Guardicore Platform Agent.
Akamai Guardicore Platform Agent silent install on macOS
How to
- Download the latest Guardicore Platform Agent installer for macOS from Enterprise Center.
- You can specify the following optional parameters in
gpa-install.cfgbefore you install the client:
Place the
gpa-install.cfgconfiguration file in the same directory as the installer package. The configuration file gets deleted automatically after successful installation.
| Parameter | What it does |
|---|---|
IDP=youridphostname.com | Specifies the hostname of your Identity Provider (IdP) for authentication after installation. Enter the IdP hostname without the https:// protocol prefix. |
TOKEN=<ETP activation or entitlement code> | Activates Threat Protection with an ETP activation or entitlement code after installation. If you're using the command line to distribute the Guardicore Platform Agent across many computers with device management software, enter the entitlement code . If you're activating the agent on a user's personal computer, you can enter an entitlement code or an activation code . |
AUTO_START=no|yes | Set to no to prevent the Guardicore Platform Agent GUI from launching automatically after successful installation. Note that if the user manually starts the agent, it will automatically launch from then on at OS boot, unless you specify START_ON_BOOT="no".This parameter isn't usually needed. Use it only if you have a strong reason to do so. Set to yes to launch Guardicore Platform Agent automatically after successful installation.If unspecified, this parameter defaults to yes. |
START_ON_BOOT=no|yes | Set to no to prevent the Guardicore Platform Agent GUI from launching automatically at OS startup. This parameter suppresses the autostart functionality, even if the user has manually started the client in the past.With Threat Protection enabled in Enterprise Center, Guardicore Platform Agent onboards traffic to SIA even if the GUI is not running. With Access enabled in Enterprise Center, Guardicore Platform Agent doesn’t onboard traffic to EAA if the GUI is not running or the user is not authenticated. Set to yes to launch Guardicore Platform Agent automatically at OS startup.If unspecified, this parameter defaults to yes. |
MINIMIZED=yes|no | Set to yes to start the Guardicore Platform Agent GUI minimized after successful installation.Set to no to display the Guardicore Platform Agent GUI after successful installation.If unspecified, this parameter defaults to no.This parameter applies only if autostart isn’t disabled with the AUTO_START="no" parameter. |
AZTC_LANG=<language> | Sets the display language. English is the default language. Available values are the following: Japanese, Brasil. |
FORWARD_PROXY=enable | Proxy is disabled by default. Specifying this parameter with an enable value launches the agent with Remote Proxy enabled after successful installation. This lets Guardicore Platform Agent use your manually configured OS proxy settings.To learn more about using proxies with Guardicore Platform Agent, refer to the proxy documentation . |
FORWARD_PROXY_URL=<protocol>://<host>:<port> | With FORWARD_PROXY enabled, this parameter lets you use a PAC file and specify your forward proxy’s protocol, hostname, and port.Accepted protocols: httpsAccepted hosts: IPv4, IPv6, and domain name If you’d like to use an IPv6 address in a URL, encase it in a bracket. For example: https://[2001:db8::1]:80If your organization uses a PAC file, you need to modify it for it to work with Guardicore Platform Agent. Contact your Akamai account representative for assistance. To learn more about using proxies with Guardicore Platform Agent, refer to the proxy documentation. |
GC_OFFLINE_INSTALL=true|false | When set to true, Segmentation is installed using the Agent version bundled with the installer (network connectivity to the Aggregator is not required). |
GC_SERVER_ADDRESSES=<aggregator_address>:<aggregator_port>,<aggregator_address>:<aggregator_port>" | Comma-separated Aggregator IP addresses or hostnames. Addresses are provided by the Centra technical platform owner. |
GC_PASSWORD=<password> | Agent installation passphrase. Retrieve from the Centra UI: Administration → System → Configuration → Agents installation → Agents installation password |
GC_DATA_PATH=<dir> | Sets custom installation path for the Segmentation data files (certificates, log files, configuration, and storage). |
GC_LOGGING_PROFILE=<profile> | Sets the logging rotation profile for the Segmentation agent ('min', 'max' or 'medium'). |
GC_PROFILE=<profile> | Install Segmentation agent modules from a specific profile. |
GC_LABELS=<key1:value1,..,keyN:valueN > | List of labels in the form of key1:value1,key2:value2 for labeling the Segmentation agent instance. |
WITH_ETP=false | Set to false to permanently disable Threat Protection on the workstation, even if it’s available in your contract and configured in Enterprise Center.To re-enable Threat Protection, reinstall the agent without this parameter. |
ALLOW_DOWNGRADE=yes | By default, Guardicore Platform Agent prevents end-users from manually downgrading to an older version of the agent. If the end-user attempts to install an older version of the agent, the installation fails and agent operation remains uninterrupted. By specifying this parameter with a yes value, you allow your end-users to downgrade the agent using an older version of the Guardicore Platform Agent installer.This parameter applies only to manual downgrade attempts. You can deploy a client downgrade from Enterprise Center regardless of this setting. |
- Open the macOS Terminal, navigate to your downloads directory, and enter the following command to start the silent installation. Replace
<version>with the version number from the downloaded installer file.
sudo installer -pkg <GuardicorePlatformAgent-<version>-macos.pkg> -target /
- The installation starts and runs silently. After the installation is complete, the Guardicore Platform Agent window opens. If you encounter any issues during the installation, refer to the troubleshooting section.
Example
The following commands silently install Guardicore Platform Agent with a pre-configured IdP hostname and ETP code:
cat > ./gpa-install.cfg << EOF
IDP=youridphostname.com
TOKEN=9ffc01d7-0000-0000-0000-40c3ffbf70fa
EOF
sudo installer -pkg ./<GuardicorePlatformAgent-<version>-macos.pkg> -target /
rm ./gpa-install.cfg || true
Next, you can configure your Akamai Guardicore Platform Agent.
Updated 23 days ago