Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

toc
Easy heading
linkText4
linkText10
linkText3
linkText6
linkText5
relatedLinksLabels
linkText2
linkText1
headingTagsH1,H2,H3
sidebarMaxHeight450
linkType2Page
linkType3Page
linkType1Page
linkType10Page
sidebarTitleON THIS PAGE
linkUrl3
linkUrl4
linkUrl1
linkUrl2
linkUrl10
includedPageModeDisable_Included_Pages
linkText8
linkText7
relatedLinksOrderLabels_First
sidebarModeOpened
headingNumberingModeDisable_Numbering
linkText9
sidebarMarginRight20
relatedLinksTargetNew_Window
relatedLinksTitleRELATED LINKS
linkUrl9
linkUrl7
linkUrl8
numberedHeadingTagsH1,H2,H3
linkUrl5
linkUrl6
linkType8Page
linkType9Page
linkType6Page
headingLinkTextModeWrap
linkType7Page
linkType4Page
linkType5Page
sidebarWidth240
sidebarTop160
headingLinkExpandModeCollapse_All_By_Default
headingLinkIndent10

Anchor
_Toc140072049
_Toc140072049
Introduction

This document aims to furnish detailed instructions on installing the GYTPOL Validator client Sensor across different operating systems, including Windows, Linux, and macOS.

GYTPOL Sensor location

To obtain the latest GYTPOL Sensor versions, please request the download links from your GYTPOL Customer Success Manager. If you're unsure of your assigned CSM, you can reach out to support@gytpol.com for assistance.

Anchor
_Toc140072050
_Toc140072050
Supported Operating Systems

Microsoft:

Endpoints: Windows 7 (x32/x64) and later newer

Servers: Windows Server 2008 and laternewer

Microsoft Client Sensor / OS support matrix:

OS

Detection

Remediation / Revert

Windows 7

V

X

Windows 8 / 8.1

V

X

Windows 10 / 11

V

V

Windows Server 2008 / 2008 r2

V

X

Windows Server 2012 / 2012 r2

V

X

Windows Server 2016 / 2019 / 2022

V

V

Important Note: Remediation functionality is supported on older versions of Microsoft Windows and Servers as long as Powershell v5.1 and later newer are installed.

Linux Distribution support matrix

Distribution

Supported Versions

ARM64 Architecture

Alibaba Cloud Linux

...

Ubuntu 16 and later

RHEL 7 and later

CentOS 7 and later

Rocky 9 and later

2 and newer

Not Supported

Alma

7 and newer

Not Supported

Amazon Linux

2 and 2023

Not Supported

CentOS

7 and newer

Not Supported

Debian

10 and newer

Not Supported

Red Hat Enterprise Linux (RHEL)

7 and newer

Not Supported

Rocky Linux

9 and newer

Not Supported

SUSE Linux Enterprise Server (SLES)

12 and newer

Not Supported

Ubuntu

16 and newer

Not Supported

macOS:

Catalina 10.15 (x64) and laternewer

Anchor
_Toc140072051
_Toc140072051
Windows OS

Anchor
_Toc140072052
_Toc140072052
Pre-Installation

Ports to open:

GYTPOL Client Sensor to GYTPOL server on-Prem - port 9093

GYTPOL Client Sensor to GYTPOL SaaS - port 443

...

Does the Endpoint need to be a member of the domain?

No

Anchor
_Toc140072053
_Toc140072053
Installation

Open elevated CMD (r. click on CMD > Run as Administrator).

...

Once finished, the progress window will be disappeared.

Anchor
_Toc140072054
_Toc140072054
Post-Installation

To verify the successful installation of the clientSensor, follow these steps:

  1. Open Task Scheduler as an Administrator.

  2. Check for the gytpol folder under the main Library.

  3. Expand the folder, and you should observe three tasks, as exemplified below:he example below:

...

C:\Program Files\WindowsPowerShell\Modules\gytpol

Where are the logs?

C:\Program Files\WindowsPowerShell\Modules\gytpol\log

Log retention policy

Every Windows Sensor is configured to retain up to 10 log files, with each file being 5MB in size. Once the 10-file limit is reached, the oldest log files are automatically deleted to make room for new ones, ensuring efficient log management.

This behavior can be observed in any installed Windows Sensor under the log directory C:\Program Files\WindowsPowerShell\Modules\gytpol\log.

Anchor
_Toc140072055
_Toc140072055
Uninstalling

To uninstall the GYTPOL ClientSensor:

  1. Open "Programs and Features."

  2. Locate "gytpolClient" in the list of installed programs.

  3. Right-click on "gytpolClient" and select "Uninstall" or "Remove."

...

Anchor
_Toc140072056
_Toc140072056
Linux

Anchor
_Toc140072057
_Toc140072057
Pre-Installation

Ports to open:

GYTPOL Client Sensor to GYTPOL server on-Prem - port 9093

GYTPOL Client Sensor to GYTPOL SaaS - port 443

...

Does the Endpoint need to be a member of the domain?

No

Anchor
_Toc140072058
_Toc140072058
Installation

Command to run:

  • Debian (Ubuntu): sudo dpkg -i <gytpol-clientSensor-path>

  • RPM (RHEL, centOS, SUSE etc.): sudo rpm -ivh <gytpol-clientSensor-path>

Anchor
_Toc140072059
_Toc140072059
Post-Installation

Where will I see the scanned machine?

...

Where are the logs?

/opt/gytpol/logs

Log retention policy

The Sensor is configured to retain logs for a period of 10 days. Each day may generate one or more log files, depending on the number of actions performed (e.g., scans, service logs, remediations). After 10 days, older log files are automatically deleted to maintain efficient log management.

This behavior can be observed in any installed Linux Sensor under the directory /opt/gytpol/log.

Where are the configuration folder?

config.json ” for client’s Sensor’s configuration to a dedicated server

...

config.json

This file contains client’s Sensor’s configuration:

{

"HttpVerifyCert" : false,

...

ArchiveFolderPath - Folder (relative to /opt/gytpol) in which reports are being saved to before sending them to the server.

Anchor
_Toc140072060
_Toc140072060
Uninstalling

Debian: sudo dpkg —remove gytpol-client

...

It is highly recommended to take a backup of important data before making any changes to the system to mitigate any potential data loss. Always exercise caution when executing commands that may impact system configurations.


Anchor
_Toc140072061
_Toc140072061
macOS

Anchor
_Toc140072062
_Toc140072062
Pre-Installation:

Ports to open:

GYTPOL Client Sensor to GYTPOL server on-Prem - port 9093

GYTPOL Client Sensor to GYTPOL SaaS - port 443

...

Does the Endpoint need to be a member of the domain?

No

Anchor
_Toc140072063
_Toc140072063
Installation:

Before proceeding with the installation, determine the platform architecture by checking the "About this Mac." This information will help ensure that the correct version of the software is installed for your system.

...

Identify and choose the right package according to the table below:

Platform

Architecture

Terminal output

Package file

macOS

Intel chipset

i386

gytpol-client-<version>_amd64.pkg

macOS

Apple silicon

arm

gytpol-client-<version>_arm64.pkg

...

Your output should look like this:

...

Anchor
_Toc140072064
_Toc140072064
Post-Installation

Where will I see the scanned machine?

...

Where are the logs?

/opt/gytpol/logs

Log retention policy

The Sensor is configured to retain logs for a period of 10 days. Each day may generate one or more log files, depending on the number of actions performed (e.g., scans, service logs, remediations). After 10 days, older log files are automatically deleted to maintain efficient log management.

This behavior can be observed in any installed macOS Sensor under the directory /opt/gytpol/log.

Where are the configuration folder?

config.json ” for client’s Sensor’s configuration to a dedicated server

...

config.json

This file contains client’s Sensor’s configuration:

{

"HttpVerifyCert" : false,

...

Anchor
_Toc140072065
_Toc140072065

Uninstalling

Stop the launch daemon.

sudo launchctl stop com.gytpol.gytmac

...