Manually update the Linux driver

When you upgrade the kernel on your Linux device, you must make sure that the device is running a driver that supports it. When a Linux distribution releases a kernel update, Arctic Wolf creates an updated Linux driver package and makes it available from the management console. A driver update package is only available if there is a more up-to-date version than the one included in the agent release. 

Arctic Wolf recommends that you upgrade to agent version 3.1 or later, which enables a feature that allows the agent to automatically update the Linux driver after an updated kernel is detected, as soon as it becomes available. If you are running agent versions 3.0 or 2.1.1590, or you choose not to use the Auto-Update Linux Driver feature, you must manually install a supported driver for the Linux kernel. You can use tools and methods from your organization to deploy the compatible drivers to your devices.

  1. In the management console, on the menu bar, click Settings > Deployments.
  2. In the Product list, select CylancePROTECT Driver.
  3. In the OS list, select the operating system that you want to download the driver for.
  4. In the Version list, select the version of the driver.
  5. In the Format list, select the format of the driver.
  6. Click Download.
  7. To upgrade the RPM package, use one of these commands:
    Paste both drivers in the same command line and replace "xx" with the package version number:

    Distribution

    Commands

    Oracle 6, Oracle UEK 6
    CODE 
    rpm -Uvh CylancePROTECTOpenDriver-<xx>.el6.noarch.rpm CylancePROTECTDriver-<xx>.el6.noarch.rpm

    CentOS 7, RHEL 7, Oracle 7, Oracle UEK 7
    CODE 
    rpm -Uvh CylancePROTECTOpenDriver-<xx>.el7.x86_64.rpm CylancePROTECTDriver-<xx>.el7.x86_64.rpm

    CentOS 8, RHEL 8, Oracle 8, Oracle UEK 8, AlmaLinux 8, Rocky Linux 8
    CODE 
    rpm -Uvh CylancePROTECTOpenDriver-<xx>.el8.x86_64.rpm CylancePROTECTDriver-<xx>.el8.x86_64.rpm

    CentOS 9, RHEL 9, Oracle 9, Oracle UEK 9, AlmaLinux 9, Rocky Linux 9
    CODE 
    rpm -Uvh CylancePROTECTOpenDriver-<xx>.el9.x86_64.rpm CylancePROTECTDriver-<xx>.el9.x86_64.rpm

    Amazon Linux 2
    CODE 
    rpm -Uvh CylancePROTECTOpenDriver-<xx>.amzn2.x86_64.rpm CylancePROTECTDriver-<xx>.amzn2.x86_64.rpm

    SUSE Linux Enterprise Server
    CODE 
    rpm -Uvh CylancePROTECTOpenDriver-<xx>.x86_64.rpm CylancePROTECTDriver-<xx>.x86_64.rpm

    Supported 32-bit Ubuntu and Xubuntu distros
    • Install the dependencies with this command:
      CODE 
      apt-get update -y && apt-get install
    • Install the Aurora Protect Desktop driver DEB packages with these commands:
      CODE 
      dpkg -i cylance-protect-open-driver_<xx>_i386_32.deb
dpkg -i cylance-protect-driver_<xx>_i386_32.deb

    Supported 64-bit Ubuntu, Xubuntu, and Debian distros
    • Install the dependencies with this command:
      CODE 
      apt-get update -y && apt-get install
    • Install the Aurora Protect Desktop driver DEB packages with these commands:
      CODE 
      dpkg -i cylance-protect-open-driver_<xx>_amd64.deb
dpkg -i cylance-protect-driver_<xx>_amd64.deb
  8. Restart the service with this command: systemctl restart cylancesvc.