Main Menu
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • English English English en
  • BLOG
  • CONTACT SALES
  • FREE TRIALS
  • English English English en
SonicWall
  • Products
    • Network Security
      • Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
      • Security ServicesComprehensive security for your network security solution
      • Network Security ManagerModern Security Management for today’s security landscape
    • Advanced Threat Protection
      • Capture ATPMulti-engine advanced threat detection
      • Capture Security applianceAdvanced Threat Protection for modern threat landscape
    • Access Security
      • Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
      • Secure Mobile AccessRemote, best-in-class, secure access
      • Wireless Access PointsEasy to manage, fast and secure Wi-FI
      • SwitchesHigh-speed network switching for business connectivity
    • Email Security
      • Email SecurityProtect against today’s advanced email threats
    • Cloud Security
      • Cloud App SecurityVisibility and security for Cloud Apps
      • Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
    • Endpoint Security
      • Capture ClientStop advanced threats and rollback the damage caused by malware
      • Content Filtering ClientControl access to unwanted and unsecure web content
    • Product Widgets
      • Product Menu Right Image
      • Capture Cloud Platform
        Capture Cloud Platform

        A security ecosystem to harness the power of the cloud

    • Button Widgets
      • Products A-Z
        all products A–Z FREE TRIALS
  • Solutions
    • Industries
      • Distributed Enterprises
      • Retail & Hospitality
      • K-12 Education
      • Higher Education
      • State & Local
      • Federal
      • Healthcare
      • Financial Services
      • Carriers
    • Use Cases
      • Secure SD-Branch
      • Zero Trust Security
      • Secure SD-WAN
      • Office 365 Security
      • SaaS Security
      • Secure WiFi
    • Solutions Widgets
      • Solutions Content Widgets
        Federal

        Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions

      • Solutions Image Widgets
  • Partners
    • SonicWall Partners
      • Partners Overview
      • Find a Partner
      • Authorized Distributors
      • Technology Partners
    • Partner Resources
      • Become a Partner
      • SonicWall University
      • Training & Certification
    • Partner Widgets
      • Custom HTML : Partners Content WIdgets
        Partner Portal

        Access to deal registration, MDF, sales and marketing tools, training and more

      • Partners Image Widgets
  • Support
    • Support
      • Support Portal
      • Knowledge Base
      • Technical Documentation
      • Community
      • Video Tutorials
      • Product Life Cycle Tables
      • Partner Enabled Services
      • Contact Support
    • Resources
      • Resource Center
      • Free Trials
      • Blog
      • SonicWall University
      • MySonicWall
    • Capture Labs
      • Capture Labs
      • Security Center
      • Security News
      • PSIRT
      • Application Catalog
    • Support Widget
      • Custom HTML : Support Content WIdgets
        Support Portal

        Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials

      • Support Image Widgets
  • COMPANY
    • Boundless Cybersecurity
    • Press Releases
    • News
    • Awards
    • Leadership
    • Press Kit
    • Careers
  • PROMOTIONS
    • Customer Loyalty Program
  • MANAGED SERVICES
    • Managed Security Services
    • Security as a Service
    • Professional Services
  • Contact Sales
  • Menu

How to install SonicWall Enforced Client Anti-Virus on all clients in a Domain

03/26/2020 7 People found this article helpful 96,910 Views

    Download
    Print
    Share
    • LinkedIn
    • Twitter
    • Facebook
    • Email
    • Copy URL The link has been copied to clipboard

    Description

    To install SonicWall Enforced Client Anti-Virus on all clients in a domain, create your own MST transform files for a Microsoft Windows Installer MSI package and deploy SonicWall Enforced Client through domain group policy. An MST file is essentially an answer file for MSI packages. Use the Microsoft's Orca editor to create the MST transform file to use with SWECMSetup.msi for deployment of SonicWall Enforced Client through domain policy. The SWECMSetup.msi installer and your MST transform file can be deployed on multiple client machines by using group policy. When the client computers start, the assigned MSI package is installed automatically. The following sections provides detailed instructions for deployment of SonicWall Enforced Client through domain policy.

    Resolution

    Introduction

    The following sections describes how to create your own MST transform file for use with a Microsoft Windows Installer MSI package to deploy SonicWall Enforced Client through domain group policy. An MST file is essentially an answer file for MSI packages. In this section you will learn how to use Microsoft's Orca editor to create the MST transform file to use with SWECMSetup.msi for deployment of SonicWall Enforced Client through domain policy. The SWECMSetup.msi installer with the help of your MST transform file can be deployed on multiple client machines by using group policy. When the client computers start, the assigned MSI package is installed automatically.

    Prerequisites:

    You will need the following for a Domain Group Policy installation:

    • Workstation or member server (Windows 2003 server registered in Active Directory Domain 2003 or later) for creating an MST file 
    • Windows 2003 Server with Domain controller installed

    • Microsoft's Orca Editor • Windows Installer 2.0

    How to Get the Orca Editor

    The Orca Editor is Microsoft's MSI file editor. Other editors are also available on the Internet. The Orca Editor allows you to edit the MSIfile directly, create new files, or change existing MST files. Follow these steps to download and install the editor. For our purposes, the Orca Editor is installed on a Windows workstation.

    Download the Orca Editor from one of the following links:

    • http://msdn.microsoft.com/en-us/library/aa370557(VS.85).aspx

    • http://support.microsoft.com/kb/255905/en-us

    Creating an MST Transform File with Orca

    To create an MST Transform file:

    1. Launch Orca, click File > Open, navigate to the SWECMSetup.MSI file and click Open.

    Image

    2. Click on New Transform under the Transform menu.

    Image

    3. In the Tables pane, click Property to select the Property table.

    Image

    4. Click Tables > Add Row (Ctrl+R). The Add Row dialog box opens.

    Image

    5. In the Add Row dialog box, add the following row and click OK.

    Property Name = LM_URL, Value = https://clientmanager.global.SonicWall.com/ecm/getClientLicenseInfo

    Image

    6. Click Tables > Add Row (Ctrl+R). In the Add Row dialog box, add the following row and click OK.

    ? Property Name = SECID, Value = (excluding the angle brackets, where Appliance_serial_number is in the form of 0017C510Cxxx)

    Image

    7. Click Generate Transform under the Transform menu.

    Image

    8. Type in a name for the file, and click Save to save the Transform.

    Image

    9. Use the saved MST transform file with SWECMSetup.msi for SonicWall Enforced Client deployment through domain policy.

     

    Creating a Group Policy for SonicWall Enforced Client Deployment

    This section describes how to deploy the SWECMSetup.msi installer on multiple machines using Group Policy for SonicWall Enforced Client Deployment.

    Methods of Deployment

    Group Policy supports the following two methods of deploying an MSI package:

    • Assign software - A program can be assigned per-user or per-machine. If it is assigned per-user, it will be installed when the user logs on. If it is assigned per-machine, then the program will be installed for all users when the machine starts.

    • Publish software - A program can be published for one or more users. This program will be added to the Add or Remove Programs list and the user will be able to install it from there.

    For more information about these deployment methods, see Microsoft knowledge base article:
    http://support.microsoft.com/kb/816102

    For the Assign software and Publish software methods of deployment, you need a distribution point on a server where you can place the SWECMSetup.msi and Transform files. The distribution point must be accessible for all domain users. When a domain computer starts or connects, it will attempt to access the two files on the distribution point due to domain policy enforcement.

    NOTE: This KB assumes the Assign software method.

    Creating a Distribution Point

    The first step in deploying an MSI through a Group Policy Object is to create a distribution point on the publishing server.

    To deploy a distribution point on the publishing server:

    1 Log on to the server as an Administrator.
    2 Create a shared network folder (this folder will contain the MSI package).
    3 Set permissions on this folder to allow access to the distribution package.
    4 Copy the SWECMSetup.msi file and your SEC_MSI_Transform.mst Transform file into the shared folder.

    Creating a Group Policy Object

    An MSI package is deployed (distributed) as a Group Policy Object.

    To create an object for your package:

    1. Click on the Start button, go to Programs, select Administrative Tools and then select Active Directory Users and Computers. This brings up an Active Directory MMC snap-in.

    2. In the console tree, right-click the domain name on which you want to deploy the SonicWall Enforced Client and select Properties.

    Image

    3. In the Properties window, select the Group Policy tab and click New.

    Image

    4. Type in a name for the policy (for example, SonicWall SEC Policy) and click OK.
    5. In the Properties window again, select your policy and click the Edit button to open the Group Policy Object Editor MMC snap-in.

    Image

    6. In the Group Policy Object Editor, select Computer Configuration.

    NOTE: A User Configuration option causes the policy to be enforced when a user logs in. This option causes a check for an enforced policy every time the user logs in, and is rarely used.

    Image

    7. Expand Software Settings under Computer Configuration. Right-click Software Installations, select New and then click on Package.

    8. In the File name field of the Open dialog box, type the full UNC path (in the form: \ComputerNameSharedFolderPackageName) of the shared package to assign and then click Open.

    Image

    9. In the Deploy Software dialog box that pops up, select Advanced and then click OK (the package will be added to the right pane of the Group Policy window.

    Image

    10. In the SonicWall Enforced Client Properties window, select the Modifications tab and then click Add.

    Image

    11. Navigate to the Transform file that you created (using the UNC path). Select it and then click Open.

    Image

    12. In the SonicWall Enforced Client Properties window, select the Security tab.

    Image

    13. Click Add to open the Select Users, Computers, or Groups window. Add the Domain Computers group and click OK.

    Image

    14. Verify that the Domain Computers group is added. Click Apply and then click OK.

    Image

    15. Close the Group Policy Object Editor and other MMC snap-ins that are open. This completes the setup process. To refresh group policy and apply these settings see Refreshing Group Policy to Apply New Settings section.

     

    Refreshing Group Policy to Apply New Settings

    This section describes the refresh process for group topology to apply new settings.

    To refresh group policy for the domain and apply the new Group Policy Object:

    1. Click the Start button, then type cmd to open a command prompt window.
    2. Type the command gpupdate at the prompt.

    Image

    When domain computers start, the assigned package will be installed automatically. The message Installing managed software SonicWall Enforced Client is displayed.

    Image

    Note: Auto install  will not take place until there is any earlier AV software that is uninstalled.  

                At present Uninstall is a manual process

     

    Uninstalling SonicWall Enforced Client

    To uninstall the SonicWall Enforced Client Anti-Virus from a client computer:

    1. Log in to the client computer as an Administrator.
    2. Click the Start button, then type cmd to open a command prompt window.
    3. Type the following command at the prompt, without the angle brackets and using the UNC path for Path: msiexec /x
    <Pathswecmsetup.msi> /qb

     

    Related Articles

    • Global VPN Client slowing down the internet speed
    • App Control fails by schema error when editing VPN category
    • Custom Geo-IP list to exclude a website from Geo-IP filter

    Categories

    • Firewalls > TZ Series
    • Firewalls > SonicWall SuperMassive E10000 Series
    • Firewalls > SonicWall SuperMassive 9000 Series
    • Firewalls > SonicWall NSA Series

    Not Finding Your Answers?

    ASK THE COMMUNITY

    Was This Article Helpful?

    YESNO

    Article Helpful Form

    Article Not Helpful Form

    Company
    • Careers
    • News
    • Leadership
    • Awards
    • Press Kit
    • Contact Us
    Popular resources
    • Communities
    • Blog
    • SonicWall Capture Labs

    Stay In Touch

    • By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time from the Preference Center.
    • This field is for validation purposes and should be left unchanged.
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
    • Instagram

    © 2022 SonicWall. All Rights Reserved.

    • Legal
    • Privacy
    • English
    Scroll to top
    Trace:bc25ceab620983726ed9b9f9e3bc8474-80