Privacy policy for enterprise solutions

Page tree
Skip to end of metadata
Go to start of metadata

Installation - G DATA Security Client for Windows

G DATA Security Client protects and manages Windows network clients and should be installed on each Windows machine. Depending on the deployment scenario, you can choose a remote installation (via G DATA Administrator) or a local installation (using the G DATA installation medium or a client install package). Additionally, it is recommended that you install G DATA Security Client on your server.

When installing G DATA Security Client on a server, make sure that it does not interfere with existing server workflows. For example, for database and e-mail servers, monitor and scan job exceptions should be defined for some files and folders. Consult the Reference Guide for more information.

Local installation - G DATA Security Client for Windows

If a remote installation is not possible, you can install G DATA Security Client directly on the clients. You can use the G DATA installation medium to manually install the client software, or create a client installation package that can run in the background (which makes it ideal for distribution through logon scripts).

Local installation - installation medium - G DATA Security Client for Windows

Insert the G DATA installation medium and select G DATA Security Client.

During installation, enter the server name or the IP address of the server on which G DATA ManagementServer is installed. The server name is required so that the client can communicate with the server over the network. Optionally, a group name can be entered. Once it connects to the ManagementServer, the client will be added to the corresponding group. See Installation package for more information about the rules for entering group names.

In order to prevent unauthorized access to the ManagementServer, clients that are deployed through a local installation need to be authorized in G DATA Administrator under Clients > Overview before they are fully served.

Local installation - installation package - G DATA Security Client for Windows

The package is a single executable file (GDClientPck.exe), which can be used to install G DATA Security Client. The installation package can be used to install the client to all computers in a domain via a login script, or to install locally, and it always contains the current client version available on the server.

To create an installation package, start G DATA Administrator. In the menu Organization, click the option Create installation package for Windows clients. You will be prompted for the following information:

ManagementServer: The ManagementServer with which the clients should register.

Language: The installation language.

Group: The group to which the client will be added after the installation.

Use a slash "/" to separate group names in a hierarchy. Special characters in group names must be marked: Every quotation mark in group names must be duplicated. If a group name contains a "/", the group name must be enclosed in quotation marks.

Limit validity: Limit the validity of the installation package. If the package is installed after this period of time, it is considered unauthorized and needs to be manually authorized in G DATA Administrator under Clients > Overview.

Click OK and select a storage location. G DATA Administrator will create the installation package in the background. It can then be copied to the target computer and should be launched there with administrator rights in order to install G DATA Security Client. If the installation should be carried out without user interaction, start the installation package with the parameter / @_QuietInstallation="true": GDClientPck.exe  @_QuietInstallation="true".

Remote installation - G DATA Security Client for Windows

The most convenient way to install clients is to initiate a remote installation through G DATA Administrator. The Server setup wizard and the Clients module allow you to automatically install G DATA Security Client to all machines.

In addition to the required port configuration, remote installations have the following prerequisites:

A user account with administrative permissions on the client must be entered. The account does not necessarily need to have a password. In that case, however, the target machine must be explicitly configured to allow network logons for accounts without a password. More information can be found in the Reference Guide. To remotely install a subnet server, an account password must be set: an empty password field is not permitted.

Service Control Manager on the client must be remotely accessible using the specified user account.

The specified user account must have write permissions for at least one network share on the client, such as C$, Admin$ or a custom share. Access can be enabled by opening the Network and Sharing center and enabling File and Printer Sharing under Advanced sharing settings (Windows Vista and newer). On Windows XP, enable File and Printer Sharing on the Exceptions tab of Windows Firewall.

When the client is not in a domain, additional settings must be configured:

Simple File Sharing (Windows XP) or the Use Sharing Wizard option (Windows Vista/ Windows Server 2008 or newer) must be disabled. It is enabled by default in all Windows installations and can be disabled by opening any folder in Windows Explorer, clicking Organize > Folder and search options > View, and unchecking the respective option.

When the client is using Windows Vista or newer: Open Registry Editor on the client and navigate to the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System. Add a DWORD value named LocalAccountTokenFilterPolicy with value 1.

Using the Server setup wizard, which is automatically run the first time you start G DATA Administrator, you get an overview of all enabled computers in the network. You can also manually add and enable computers by name. Alternatively, the Clients module allows you to install G DATA Security Client by selecting one or more machines in the client list, right-clicking on them and choosing Install G DATA Security Client. After selecting the machines, both procedures carry on similarly. An input window appears in which you should enter the User name, Password and Domain with access rights on the clients. After selecting a display language for the client, the Installation overview window is automatically opened. In most cases, the client will need to be rebooted in order to complete the installation: the installation procedure will add a report to the Security events module if a reboot is required.

When using Active Directory integration, you can choose to automatically attempt to install G DATA Security Client on newly added computers. The same prerequisites apply.

Remote installation can be completed in two ways. If the clients meet the necessary prerequisites, the files are copied directly and entries are made in the registry. If the server can only access the hard drive and not the registry, or if other system prerequisites are not met, the entire setup program is copied to the client and started automatically at the next computer reboot.

  • No labels