Install the insider risk and backup agents

Overview

This article provides instructions for deploying the insider risk agent and backup agent to new endpoint devices. This applies only to environments with endpoint devices licensed for backup.

Considerations

  • Devices on which you install the Code42 agents must meet the system requirements in Code42 platform hardware and software requirements.
  • Devices with the backup agent must also have the insider risk agent installed. Using the backup agent without the insider risk agent installed is not supported.

  • To use this functionality, you must be assigned the Security Administrator role. 

  • Do not restore Code42 application files backed up from one device as a means to install the insider risk agent on a different device. Application files are unique to each device and cannot be transferred to a new device.

Install agents for Windows devices

Follow these steps to build a command to install the insider risk agent and backup agent on Windows devices. Use the commands in your deployment tool (for example, Windows SCCM).

Download Windows installers

  1. Sign in to the Code42 console
  2. Navigate to Administration > Agent Management > Downloads.
  3. From the Insider risk agent tab, select the latest Windows installer and click download Download.
  4. From the Backup agent tab, select the latest Windows installer and click download Download.

Set up deployment policy for Windows

Set up a deployment policy with a username detection script for Windows:

  1. From the Code42 console, navigate to Administration > Agent Management > Deployment.
  2. Create a new deployment policy, or edit an existing policy.
  3. In the User detection scripts box for Windows, enter your own username detection script, or use a sample script from Deployment script and command reference for the backup agent
  4. Copy the deployment arguments from an Incydr deployment policy for the insider risk agent
    1. Navigate to Administration > Agent Management > Deployment.
    2. Select the deployment policy you set up in step 3. 
    3. Copy the Windows argument. It starts with DEPLOYMENT_URL and ends with /norestart.
      These are the deployment properties for the insider risk agent. 
  5. Copy the deployment arguments from an Incydr deployment policy for the backup agent
    1. Navigate to Administration > Agent Management > Deployment.
    2. Select the deployment policy you set up in step 3. 
    3. Under Installation Properties, click the Backup agent tab.
    4. Copy the Windows argument. It starts with CP_ARGS= and ends with /qn.
      These are the deployment properties for the backup agent. 

Set up Windows installation policies

  1. In your deployment tool, upload the installer packages from the previous section to your deployment tool. 
  2. Set up the installation policy for the insider risk agent
    1. Create the command by placing the name of the installation file before the deployment arguments. The following command is an example:
      code42-aat_n.n.n.nn_win64.exe 
      DEPLOYMENT_URL=https://console.us.code42.com 
      DEPLOYMENT_POLICY_TOKEN=c42c42c42-4242-4242-4242-c42c42c42c42 
      DEPLOYMENT_SECRET=c42c42c42c42c42c42c42c42c42c42c42c42c42c42c= /install /quiet /norestart
      
    2. Scope this policy to install to all new devices. 
  1. Set up the installation policy for the backup agent
    1. Create the command by using msiexec.exe. The following command is an example:
      msiexec /i Code42_n.n.n_Win64.msi 
      CP_ARGS="DEPLOYMENT_URL=https://.host&DEPLOYMENT_POLICY_TOKEN=c42c42c42-4242-4242-4242-c42c42c42c42” 
      CP_SILENT=true DEVICE_CLOAKED=false /norestart /qn
      
    2. Scope this policy to install to all new devices that require backup functionality. 

Install agents for Mac devices

Follow these steps to install the insider risk agent and backup agent on Mac devices using your deployment tool (for example, Jamf Pro). 

Download Mac installers

  1. Sign in to the Code42 console
  2. Navigate to Administration > Agent Management > Downloads.
  3. From Insider risk agent tab, select the latest Mac installer and click download  Download.
  4. Mount the downloaded DMG and extract the installer PKG from within.
  5. From Backup agent tab, select the latest Mac installer and click download  Download.
  6. Mount the DMG and extract the installer PKG from within.

Set up deployment policy for Mac

Set up a deployment policy with a username detection script for Mac:

  1. From the Code42 console, navigate to Administration > Agent Management > Deployment.
  2. Create a new deployment policy, or edit an existing policy.
  3. In the User detection scripts box for Mac, enter your own username detection script, or use a sample script from Deployment script and command reference for the backup agent
  4. Copy the deployment arguments from an Incydr deployment policy for the insider risk agent
    1. Navigate to Administration > Agent Management > Deployment.
    2. Select the deployment policy you set up in step 4. 
    3. Copy the deployment properties file contents. These are the deployment properties for the insider risk agent. They must be populated to the device at /tmp/code42.deployment.properties or /Library/Application Support/Code42-AAT-Config/code42.deployment.properties. 
  5. Copy the deployment arguments from an Incydr deployment policy for the backup agent
    1. Navigate to Administration > Agent Management > Deployment.
    2. Select the deployment policy you set up in step 4. 
    3. Under Installation Properties, click the Backup agent tab.
    4. Copy the deployment properties file contents. These are the deployment properties for the backup agent. They must be populated to the device at /Library/Application Support/CrashPlan/deploy.properties.

Set up Mac installation policies

  1. In your deployment tool, upload the installer packages from the previous section to your deployment tool. 
  2. Set up the configuration profiles for the Code42 agents:  
  3. Scope these profiles to all devices on which you intend to install Code42 agents. 
  4. Set up the installation policy for the insider risk agent
    1. Create a package or script to populate the deploy.properties file. The following command is an example: 
      #!/bin/bash
      mkdir -p  "/Library/Application Support/Code42-AAT-Config"
      echo "DEPLOYMENT_URL=https://console.us.code42.com 
      DEPLOYMENT_POLICY_TOKEN=c42c42c42-4242-4242-4242-c42c42c42c42 
      DEPLOYMENT_SECRET=c42c42c42c42c42c42c42c42c42c42c42c42c42c42c=" > "/Library/Application Support/Code42-AAT-Config/code42.deployment.properties"
    2. Once the deployment properties file is populated, install the insider risk agent PKG in the system context.
    3. Scope this policy to install to all new devices. 
  5. Set up the installation policy for the backup agent
    1. Create a package or script to populate the deploy.properties file. The following command is an example: 
      #!/bin/bash
      mkdir -p /Library/Application\ Support/CrashPlan echo "DEPLOYMENT_URL=https://console.us.code42.com DEPLOYMENT_POLICY_TOKEN=c42c42c42-4242-4242-4242-c42c42c42c42 CP_SILENT=true DEVICE_CLOAKED=false" > "/Library/Application Support/CrashPlan/deploy.properties"
    2. Once the deployment properties file is populated, install the backup agent PKG in the system context.
    3. Scope this policy to install to any new devices that require backup functionality.