Page tree
Skip to end of metadata
Go to start of metadata

G DATA Business Solutions - Installation

Start Windows and insert the G DATA installation medium. An installation window will open automatically, which allows you to select which of the G DATA software components you want to install. If you obtained a download version of the software, extract all files and launch Setup.exe. To help install the software on other machines, the extracted files can be burned to a DVD or copied to a USB stick. Close all other programs before you start installing the G DATA software to avoid problems with files that need to be accessed by the G DATA setup wizard. The following components can be installed:

  • G DATA ManagementServer: Install this component first. G DATA ManagementServer will be used to manage all G DATA-related settings and updates. G DATA ManagementServer lies at the core of the G DATA architecture: it administers the clients, automatically requests the latest software and virus signature updates from the G DATA update servers and controls the virus protection within the network. When installing G DATA ManagementServer, G DATA Administrator is automatically installed on the same machine.
  • G DATA Administrator: G DATA Administrator is the administration software for G DATA ManagementServer and enables management of settings and updates for all G DATA clients on the network. G DATA Administrator is password-protected and can be installed on and launched from any Windows computer that has a network connection with G DATA ManagementServer.
  • G DATA Security Client: The client software provides virus protection for the clients and runs the G DATA ManagementServer jobs allocated to it in the background. Installing the client software is generally carried out through G DATA Administrator for all clients.
  • G DATA Boot Medium Wizard: You can use G DATA Boot Medium Wizard to create a bootable CD, DVD or USB stick for basic scanning of your computer. This scan takes place before the operating system is launched and uses up-to-date virus signatures.
  • G DATA WebAdministrator: G DATA WebAdministrator is the web-based administration software for G DATA ManagementServer. It can be used to create and edit settings for G DATA ManagementServer through a web interface.
  • G DATA MobileAdministrator: G DATA MobileAdministrator is a web-based control panel for G DATA ManagementServer that is optimized for mobile devices. It can be launched from any mobile browser and offers access to the most important and frequently used functions of G DATA Administrator.
  • G DATA MailSecurity for Exchange: G DATA MailSecurity for Exchange centrally secures all Exchange-based email traffic. It is available as an optional module.
  • G DATA MailSecurity MailGateway: G DATA MailSecurity MailGateway centrally secures all SMTP- and POP3-based email traffic. It is available as an optional module and can be installed from its own installation medium.
  • G DATA Virtual Remote Scan Server (VRSS) and Light Agent: 

Installation - G DATA ManagementServer

Insert the G DATA installation medium and select G DATA ManagementServer. Ensure that you have closed all open applications, as they may cause conflicts during installation. Select your language and click Installation to start the installation wizard. Read the license agreement for the use of this software. Select I accept the terms in the license agreement and then click Next if you accept the agreement in this form.

The server type selection lets you choose between the following server types:

Main server: During an initial installation, G DATA ManagementServer must always be installed as the main server (main MMS). The main server represents the central configuration and administration entity of G DATA's network architecture. G DATA ManagementServer provides the infrastructure for network clients to be protected with the latest virus signatures and program updates. In addition, all client configuration is managed centrally by G DATA ManagementServer.

Secondary server: When using a standalone SQL database instance, it is possible to run a second server (secondary MMS), which uses the same database as the main server. If the main server is unavailable for more than one hour, clients connect automatically to the secondary server and load signature updates from it. They switch back to the main server as soon as it is available again. Both servers load signature updates independently from one another to provide a safeguard against failure.

Subnet server: For large networks (e.g. company headquarters with connected branch offices) it can be sensible to operate an installation of G DATA ManagementServer as a subnet server. Subnet servers help to reduce the network traffic load between clients and the main MMS. They can be used to manage a subset of clients allocated to them. The subnet servers remain fully functional, even if the main or secondary server is inaccessible. However, they do not load any virus signature updates autonomously. Enter the server name of the main server under Main server name.

An alternative to installing a subnet server is using peer to peer update distribution. By enabling this option, server-client network traffic during updates is greatly reduced. For some networks this can eliminate the need for using a subnet server.

After selecting the server type, decide which database server G DATA ManagementServer should use:

Install Microsoft SQL Server 2014 Express: Choose the SQL Server Express installation if you are newly installing G DATA ManagementServer for a network with less than 1000 clients. Microsoft SQL Server 2014 Express does not support Windows Vista and Windows Server 2008/2003. On those systems, manually install Microsoft SQL Server 2008 R2 Express before installing ManagementServer or use a database instance on another machine and then select the option Use existing database instance. More information can be found in the Reference Guide.

Use existing database instance: For larger networks, it is recommended to use an existing Microsoft SQL Server instance. If you are reinstalling G DATA ManagementServer on a server that already has a SQL Server Express installation and a G DATA ManagementServer database, choose the option to use an existing instance. After the installation, you will be able to configure the connection to SQL Server (Express).

The installation is automatically started after confirming the eventual installation of Microsoft SQL Server 2014 Express and/or other prerequisites. After the installation is finished, the G DATA solution should be activated. This enables immediate update downloads upon finishing the installation:

Enter a new registration number: If you are installing G DATA software for the first time, select this option and enter the solution's registration number. You can find the registration number on the order confirmation. In case of doubt contact your G DATA reseller or distributor. Upon entering the registration number, your solution is activated. The access data generated (user name and password) are displayed immediately following successful registration. Be sure to make a note of your user name and password and save them somewhere! Following successful registration, it is no longer necessary to re-enter the license key.

If you have problems entering your registration number, verify that you have entered it correctly. A capital "I" (for India) is often misread as the number "1" or the letter "l" (for Lima). The same applies to "B" and "8", "G" and "6", "Z" and "2".

Enter access data: If the G DATA software has already been installed before, you will have received access data (user name and password). To reinstall the G DATA software, enter the access data here.

Activate later: If you just want to look over the software first or if the access data are temporarily unavailable, the installation can take place without entering the data. However, if you do so, no Internet updates will be downloaded. The G DATA software can only effectively protect your computer if it is completely up-to-date. Using the software without activating it will protect you insufficiently. You can enter your registration number or access data subsequently at any time. See also the notes on subsequent activation of the G DATA software in the FAQ section.

Please note: if the software has been installed without being activated, only the G DATA Antivirus Business components are available, even if you have purchased G DATA Client Security Business, G DATA Endpoint Protection Business, or any additional modules. The additional components are activated and available as soon as you register the software.

If you chose to use an existing database instance, you can perform the database configuration after the installation has finished. More information about database configuration can be found in the Reference Guide.

Following the installation of G DATA ManagementServer, the G DATA software is operational and ready to be configured. A server reboot may be required. G DATA ManagementServer will automatically be started every time the system is booted up.

To administer G DATA ManagementServer, go to Start > (All) Programs > G DATA Administrator and select the G DATA Administrator option. This will start the administration tool for G DATA ManagementServer.

Installation - G DATA Administrator

When installing G DATA ManagementServer, G DATA Administrator will also be automatically installed. Subsequent installation of the Administrator software on the server is not required. However, G DATA Administrator can still be installed on any client computer. In this way, the G DATA ManagementServer can also be serviced from any PC in the network.

To install G DATA Administrator on a client computer, insert the G DATA installation medium and select G DATA Administrator.

Ensure that you have closed all open applications, as they may cause conflicts during the installation. Follow the installation steps with help of the installation wizard. After the installation, the entry G DATA Administrator is available under Start > (All) Programs > G DATA > G DATA Administrator.

Installation - G DATA Security Client for Windows

G DATA Security Client protects and manages Windows network clients and should be installed on each Windows machine. Depending on the deployment scenario, you can choose a remote installation (via G DATA Administrator) or a local installation (using the G DATA installation medium or a client install package). Additionally, it is recommended that you install G DATA Security Client on your server.

When installing G DATA Security Client on a server, make sure that it does not interfere with existing server workflows. For example, for database and e-mail servers, monitor and scan job exceptions should be defined for some files and folders. Consult the Reference Guide for more information.

Local installation - G DATA Security Client for Windows

If a remote installation is not possible, you can install G DATA Security Client directly on the clients. You can use the G DATA installation medium to manually install the client software, or create a client installation package that can run in the background (which makes it ideal for distribution through logon scripts).

Local installation - installation medium - G DATA Security Client for Windows

Insert the G DATA installation medium and select G DATA Security Client.

During installation, enter the server name or the IP address of the server on which G DATA ManagementServer is installed. The server name is required so that the client can communicate with the server over the network. Optionally, a group name can be entered. Once it connects to the ManagementServer, the client will be added to the corresponding group. See Installation package for more information about the rules for entering group names.

In order to prevent unauthorized access to the ManagementServer, clients that are deployed through a local installation need to be authorized in G DATA Administrator under Clients > Overview before they are fully served.

Local installation - installation package - G DATA Security Client for Windows

The package is a single executable file (GDClientPck.exe), which can be used to install G DATA Security Client. The installation package can be used to install the client to all computers in a domain via a login script, or to install locally, and it always contains the current client version available on the server.

To create an installation package, start G DATA Administrator. In the menu Organization, click the option Create installation package for Windows clients. You will be prompted for the following information:

ManagementServer: The ManagementServer with which the clients should register.

Language: The installation language.

Group: The group to which the client will be added after the installation.

Use a slash "/" to separate group names in a hierarchy. Special characters in group names must be marked: Every quotation mark in group names must be duplicated. If a group name contains a "/", the group name must be enclosed in quotation marks.

Limit validity: Limit the validity of the installation package. If the package is installed after this period of time, it is considered unauthorized and needs to be manually authorized in G DATA Administrator under Clients > Overview.

Click OK and select a storage location. G DATA Administrator will create the installation package in the background. It can then be copied to the target computer and should be launched there with administrator rights in order to install G DATA Security Client. If the installation should be carried out without user interaction, start the installation package with the parameter / @_QuietInstallation="true": GDClientPck.exe  @_QuietInstallation="true".

Remote installation - G DATA Security Client for Windows

The most convenient way to install clients is to initiate a remote installation through G DATA Administrator. The Server setup wizard and the Clients module allow you to automatically install G DATA Security Client to all machines.

In addition to the required port configuration, remote installations have the following prerequisites:

A user account with administrative permissions on the client must be entered. The account does not necessarily need to have a password. In that case, however, the target machine must be explicitly configured to allow network logons for accounts without a password. More information can be found in the Reference Guide. To remotely install a subnet server, an account password must be set: an empty password field is not permitted.

Service Control Manager on the client must be remotely accessible using the specified user account.

The specified user account must have write permissions for at least one network share on the client, such as C$, Admin$ or a custom share. Access can be enabled by opening the Network and Sharing center and enabling File and Printer Sharing under Advanced sharing settings (Windows Vista and newer). On Windows XP, enable File and Printer Sharing on the Exceptions tab of Windows Firewall.

When the client is not in a domain, additional settings must be configured:

Simple File Sharing (Windows XP) or the Use Sharing Wizard option (Windows Vista/ Windows Server 2008 or newer) must be disabled. It is enabled by default in all Windows installations and can be disabled by opening any folder in Windows Explorer, clicking Organize > Folder and search options > View, and unchecking the respective option.

When the client is using Windows Vista or newer: Open Registry Editor on the client and navigate to the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System. Add a DWORD value named LocalAccountTokenFilterPolicy with value 1.

Using the Server setup wizard, which is automatically run the first time you start G DATA Administrator, you get an overview of all enabled computers in the network. You can also manually add and enable computers by name. Alternatively, the Clients module allows you to install G DATA Security Client by selecting one or more machines in the client list, right-clicking on them and choosing Install G DATA Security Client. After selecting the machines, both procedures carry on similarly. An input window appears in which you should enter the User name, Password and Domain with access rights on the clients. After selecting a display language for the client, the Installation overview window is automatically opened. In most cases, the client will need to be rebooted in order to complete the installation: the installation procedure will add a report to the Security events module if a reboot is required.

When using Active Directory integration, you can choose to automatically attempt to install G DATA Security Client on newly added computers. The same prerequisites apply.

Remote installation can be completed in two ways. If the clients meet the necessary prerequisites, the files are copied directly and entries are made in the registry. If the server can only access the hard drive and not the registry, or if other system prerequisites are not met, the entire setup program is copied to the client and started automatically at the next computer reboot.

Installation - G DATA Security Client for Linux

Like their Windows counterparts, Linux clients are managed by G DATA ManagementServer, allowing configuration via G DATA Administrator as well as automated virus signature update distribution. The basic client installation contains functionality for on-demand virus scans. Optionally, additional security modules for Linux servers can be installed.

The installation methods are similar to those of Windows clients: a remote installation via G DATA Administrator or a local installation using an installation script.

Local installation - G DATA Security Client for Linux

If a remote installation is not possible, you can install G DATA Security Client for Linux locally.

  1. Start G DATA Administrator, select the Clients panel and choose the option Create installation script for Linux/Mac clients from the Organization menu.
  2. After you choose a storage location, the script will be created in the background.
  3. Copy the installation script to the client, then add the permission to execute the script (command-line: chmod +x install-client.sh).
  4. Open a Terminal window and elevate the user status by typing su and entering the root password. Alternatively, execute the command from step 5 using sudo.
  5. Navigate to the folder to which you copied the file and execute it: ./install-client.sh -t <product[,product]>. The product parameter should be one or more of the following values:
    • ALL: G DATA Security Client for Linux and all additional modules
    • WS: G DATA Security Client for Linux
    • SMB: Samba module
    • AMAVIS: Sendmail/Postfix module
    • WEB: Squid module
  6. In order to prevent unauthorized access to the ManagementServer, clients that are deployed through a local installation need to be authorized in G DATA Administrator under Clients > Overview before they are fully served.

Remote installation - G DATA Security Client for Linux

The most convenient way to install G DATA Security Client for Linux is to initiate a remote installation through G DATA Administrator. The prerequisites are as follows:

The Linux machine must have an SSH server installed and running.

The user account that is used to install the client must be able to log in to the SSH server using a password.

DNS name resolution for the ManagementServer and the client must be available.

The installation is carried out as follows:

  1. In the Clients module, select a Linux client, open the Clients menu and select the command Install G DATA Security Client for Linux/Mac.
  2. Select the Client type (Client for Linux).
  3. Optionally, select one or more Plugins (Samba, Squid oder Sendmail/Postfix). The prerequisites are described in the respective chapters.
  4. Enter a User name and Password. The account must have root permissions.
  5. Click the OK button. Installation progress will be shown in the Installation overview window.

G DATA Security Client for Linux - Additional modules

G DATA Security Client for Linux contains additional modules that provide security to multiple Linux components. If you select additional modules during the remote or local installation, the modules are automatically installed. However, some modules need additional configuration before or after the installation.

G DATA Security Client for Linux - Linux Mail Security Gateway

The Linux Mail Security Gateway module is available as an optional module.

The Linux Mail Security Gateway (Sendmail/Postfix) module has been developed as a plugin for the Amavis framework. Linux Mail Security Gateway requires Amavis 2.8.0 or higher and altermime. If Amavis is not available on the system, it will be automatically installed while installing the Linux Mail Security Gateway module. The following configuration steps are required:

  1. The Linux Mail Security Gateway module requires an operational Sendmail/Postfix mail server.
  2. Make sure that the mail server forwards email messages to Amavis. More information can be found in the documentation of Amavis or the relevant mail server.
  3. Make sure that spam and virus checks have been enabled in the Amavis configuration. More information can be found in the Amavis documentation.
  4. Edit the configuration file /etc/gdata/amavis/mms.cfg and make sure that the mail server (sub) domain name has been entered under localDomains (e.g. mail.domain.com).


Using an existing Amavis installation is not recommended, because that requires a large number of changes to configuration files directly after installing the Linux Mail Security Gateway module.

Once configured, the Linux Mail Security Gateway module will automatically check email traffic and report viruses to G DATA ManagementServer. Its settings can be managed through G DATA Administrator in the Sendmail/Postfix module.

Warning: When using an Amavis version older than 2.10.0, not all functions of the Linux Mail Security Gateway module are available. Update Amavis to version 2.10.0 or higher before deploying the Linux Mail Security Gateway module to ensure full functionality.

G DATA Security Client for Linux - Linux Web Security Gateway

The Linux Web Security Gateway module is available as an optional module.

If you select the Linux Web Security Gateway (Squid) module, the installation of G DATA Security Client for Linux automatically installs and configures Squid itself. If Squid is already present on the system, the existing version will be uninstalled beforehand.

After the installation, the host name or IP address of the Squid server should be configured as proxy server on all systems for which traffic should be filtered by Squid (port 3128). To enable HTTPS traffic scans, additionally configure an HTTPS proxy with the Squid host name or IP address and port 6789. The required certificates are located in the /etc/gdata/ssl folder on the Squid server and should be imported on all clients. If you are using your own SSL certificates, they must be saved on the server in the folder /etc/gdata/ssl.

Warning: The Squid server installation will use the package that is available in the respective distribution's repository. If that Squid version is older than 3.3.8, HTTPS scans will not be available.

Once enabled, the Linux Web Security Gateway module will automatically check traffic against a blacklist and report viruses to G DATA ManagementServer. Its settings can be managed through G DATA Administrator in the Squid module.

G DATA Security Client for Linux - Samba

After installing G DATA Security Client for Linux, Samba security can be enabled by adding the line vfs objects = gdvfs to the Samba configuration file (typically /etc/samba/smb.conf). To protect all shares, add it to the section [global]. If the line is in another section, the protection only applies to the corresponding share. After saving the configuration file, restart the Samba service.

Installation - G DATA Security Client for Mac

G DATA Security Client for Mac offers centrally managed malware protection and is managed by G DATA ManagementServer, allowing configuration via G DATA Administrator as well as automated, virus signature update distribution.

The installation methods are similar to those of Windows and Linux clients: a remote installation via G DATA Administrator or a local installation using an installation script.

Local installation - G DATA Security Client for Mac

If a remote installation is not possible, you can install G DATA Security Client for Mac locally.

  1. Start G DATA Administrator, select the Clients panel and choose the option Create installation script for Linux/Mac clients from the Organization menu.
  2. After you choose a storage location, the script will be created in the background.
  3. Copy the installation script to the client.
  4. Open a Terminal window and elevate the user status by typing su and entering the root password. Alternatively, execute the command from step 5 using sudo.
  5. Navigate to the folder to which you copied the file and execute it: ./install-client.sh -t WS.
  6. In order to prevent unauthorized access to the ManagementServer, clients that are deployed through a local installation need to be authorized in G DATA Administrator under Clients > Overview before they are fully served.

Remote installation - G DATA Security Client for Mac

The most convenient way to install G DATA Security Client for Mac is to initiate a remote installation through G DATA Administrator. The requirements and the installation procedure are almost identical to the procedure for Linux:

  1. In the Clients module, select a Mac client, open the Clients menu and select the command Install G DATA Security Client for Linux/Mac.
  2. Under Client type, select Client for Mac.
  3. Enter a User name and Password. The account must have root permissions.
  4. Click the OK button. Installation progress will be shown in the Installation overview window.

Unable to render {include} The included page could not be found.

Unable to render {include} The included page could not be found.

Installation - G DATA Exchange MailSecurity

The installation wizard of Exchange Mail Security adds a plugin to Microsoft Exchange Server 2007 SP1/2010/2013/2016. It should be installed on all Exchange servers that are running the Mailbox or Hub Transport roles.

To install G DATA Exchange Mail Security, insert the G DATA installation medium, select G DATA MailSecurity for Exchange and follow the installation wizard. The plugin reports to G DATA ManagementServer, which must have been installed beforehand. After installing the plugin, log in to the ManagementServer using G DATA Administrator to configure all protection settings on the Exchange settings tab.

In order to prevent unauthorized access to the ManagementServer, Exchange clients that are deployed through a local installation need to be authorized in G DATA Administrator under Clients > Overview before they are fully served.

Unable to render {include} The included page could not be found.

Installation - G DATA Internet Security for Android

To make use of G DATA's mobile device management capabilities, you can install a specially tailored business version of G DATA Internet Security on your Android devices. G DATA Administrator offers installation capabilities for Android clients in the Clients panel. Select the clients and click Send installation link to mobile clients to send an e-mail containing a download link for the Internet Security app.

Open the e-mail message on the mobile device and tap the download link to download the installer APK file. Note that the option Unknown sources (Allow installation of non-Market apps) needs to be enabled in order to install APK files. This option is usually found in Android's system menu Settings > Security > Device Administration. After opening the APK file and confirming its requested permissions, G DATA Internet Security for Android will be installed and can be started from the Android app menu.

To finalize the installation, remote administration has to be enabled. The e-mail contains a link that automatically opens G DATA Internet Security for Android and configures the relevant settings. Alternatively, enter the data manually. Open the Settings > General menu, tick the checkbox Allow remote administration and enter the name or IP address of the ManagementServer under Server address. Under Device name you can enter a name that will be used to identify the device in G DATA Administrator. Password should contain the password that you entered in G DATA Administrator (which is also listed in the installation e-mail).

The device will be listed among the other clients in G DATA Administrator's Clients module and can be managed from there. If it does not appear automatically, reboot the device to force it to check in with the G DATA ManagementServer.

Installation - G DATA Virtual Remote Scan Server and Light Agent

The installation of the G DATA Virtual Remote Scan Server is carried out via the G DATA Administrator instead of the general setup.

  1. First of all the appropriate VRSS disk image has to be downloaded: Open the G DATA Administrator and navigate to Clients > Overview. Right-click any one of the listed computers and choose Install G DATA Security Client, then Click on Download Virtual Remote Scan Server.
  2. The standard web browser will open to allow you to download the desired disk image.
  3. Attach the disk image to the virtual machine you want to use for the Virtual Remote Scan Server an start the virtual machine.
  4. Determine the language for the installation.
  5. Select the keyboard layout.
  6. Choose the time zone.
  7. Carefully read the license agreement and confirm it if you agree. In case you do not confirm the agreement the installation will be canceled.
  8. Set the password for the VRSS user.
  9. Choose the host name for the VRSS.
  10. In case a proxy ist being used select manual configuration, otherwise select the standard settings (DHCP).
  11. Enter the IP address, or alternatively the host name, of the G DATA ManagementServer to enable the VRSS to connect to it.
  12. Enter the HTTP port of the management server. The port can be found in the file config.xml in the program folder of the G DATA ManagementServer. Search for "ClientHttpPort" in this file.
  13. Repeat the previous step for the HttpsPort. To find out the port search for "ClientHttpsPort" in config.xml.
  14. Set the VRSS port to be used by the clients to contact the VRSS.
  15. Finally, check the configuration and confirm the settings with Install.

The Appliance Menu will be displayed after the successful installation, allowing you to change the configuration in case the need arises.

The VRSS should register with the ManagementServer now. The G DATA Light Agents, which can be installed via install package or remotely, will be listed in the Client Overview menu. They have to be associated with the VRSS in Client settings > General, thereby concluding the configuration.

Installation - Standard paths and folders

  • Virus signatures G DATA Security Client

Server 2003/Server 2003 R2:

C:\Program Files\Common Files\G DATA\AVKScanP\BD and ...\gd

Server 2008 and newer:

C:\Program Files (x86)\Common Files\G DATA\AVKScanP\BD and ...\gd

  • Virus signatures G DATA ManagementServer

Windows Server 2003/Server 2003 R2:

C:\Documents and Settings\All Users\Application Data\G DATA\AntiVirus ManagementServer\Updates

Server 2008 and newer:

C:\ProgramData\G DATA\AntiVirus ManagementServer\Updates

  • G DATA Security Client-Quarantine

Server 2003/Server 2003 R2:

C:\Documents and Settings\All Users\Application Data\G DATA\AntiVirusKit Client\Quarantine

Server 2008 and newer:

C:\ProgramData\G DATA\AntiVirusKit Client\Quarantine

  • G DATA ManagementServer-Quarantine

Windows Server 2003/Server 2003 R2:

C:\Documents and Settings\All Users\Application Data\G DATA\AntiVirus ManagementServer\Quarantine

Server 2008 and newer:

C:\ProgramData\G DATA\AntiVirus ManagementServer\Quarantine

  • G DATA ManagementServer-Datenbases

Server 2003 and newer:

C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.GDATA2014\MSSQL\Data\GDATA_AntiVirus_ManagementServer_*.mdf

C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.GDATA2014\MSSQL\Data\GDATA_AntiVirus_ManagementServer_log_*.ldf

  • No labels