Prepare a template to easily deploy endpoint agents and sensors to cloned desktops on physical machines, as well as persistent and non-persistent virtual desktops.
Important
|
Carefully review the feature support and requirements for this deployment method before
reviewing the steps.
The Standard Endpoint Protection agent also supports virtual desktop deployment by
manually triggering the TCacheGen tool or using the Command Line Interface.
Procedure
- Power on and set up the source desktop you want to use to create the template, including configuring the operating system, VM settings, and software.
- Configure the software for a VDI or cloned environment, including any endpoint protection software.
- If you are deploying a Server & Workload Protection agent, configure
Agent-Initiated Activation.
- In the Trend Vision One console, go to .
- Select Allow Agent-Initiated Activation.
- Select Allow Trend Vision One Virtual Desktop Infrastructure
(VDI) support and cloned virtual machines.
Important
Enabling this feature locks other Agent-Initiated Activation settings. For more information, see Agent settings.
- In the Trend Vision One console, go to and click Agent Installer.
- Download the Agent Installer package you want to use and install the agent on
the source desktop.Follow the steps in the linked topics based on the agent type you wish to use to install the agent program on the source desktop:
- After installation finishes, go to and locate the source desktop on the list.
- Verify that the desired endpoint policy settings are correct.
- If you want to facilitate future agent upgrades, create a snapshot of your
source desktop.For more information, see Updating the agent for golden image templates.The following the steps detail how to download and run the Image Setup Tool. Trend Micro recommends using the Image Setup Tool for all of your template-based deployments.
Important
-
The Image Setup Tool does not support Linux or macOS deployments. Skip ahead to complete the setup.
-
You must use the Image Setup Tool for deploying non-persistent Windows virtual desktops.
-
The Image Setup Tool disables updates for the endpoint agent. To maintain the ability to update the agent program in the future, you must create a snapshot of the source desktop before installing and running the Image Setup Tool.
-
- In the Trend Vision One console, go to and click Agent Installer.
- Click the Download Image Setup
Tool icon () for your agent type.The Virtual Desktop Image Setup Tool screen appears.
- Click Download to download the Image Setup Tool.
Important
The downloaded Image Setup Tool package is specific to your organization. - Copy the Admin token.
- Extract the contents of the
ImageSetupTool.zip
package onto the source desktop. - For customers installing the Standard Endpoint Protection agent, run the
TCacheGen tool found in
<ImageSetupTool folder>\TCacheGen
before running the Image Setup Tool.-
Use the graphics user interface:
-
Double-click the executable (TCacheGen.exe or TCacheGen_x64.exe).
-
Select Generate the pre-scan template and remove the GUID or Remove the GUID from the pre-scan template.
-
Click Next.
-
-
Use the command line:
-
Unload the Agent.
-
Put a copy of the following files under <Agent installation folder>:
-
32-bit platform: TCacheGen.exe and TCacheGenCli.exe
-
64-bit platform: TCacheGen_x64.exe and TCacheGenCli_x64.exe
-
-
Start the Agent again from the Start Menu.
-
Run one of the following commands as an administrator:
-
To scan and remove the GUID:
-
TCacheGenCli Generate_Template
-
TcacheGenCli_x64 Generate_Template
-
-
To only remove the GUID:
-
TCacheGenCli Remove_GUID
-
TcacheGenCli_x64 Remove_GUID
-
-
-
Provide the agent unload password.
-
Note
The TCacheGen executable is automatically deleted after generating the template to avoid unexpectedly triggering this tool again. Running the tool again re-creates the agent GUID and causes the agent to register as a new entry, breaking the association to current settings and logs. -
- Run
ImageSetupTool.exe
as an administrator on the source desktop to prepare the agent.Important
Specify if your cloned machine is physical/persistent or non-persistent.CommandUse CaseSupported FeaturesImageSetupTool.exe --persistent
-
Persistent virtual desktops
-
Physical desktop clones
-
Standard agent auto-removal
-
Vulnerability Assessment available
-
In-place upgrades
ImageSetupTool.exe --non-persistent
-
Non-persistent virtual desktops
-
Non-persistent agent auto-removal available from Endpoint Inventory
-
Vulnerability Assessment disabled
-
In-place upgrades disabled
ImageSetupTool.exe --persistent --no-login
ImageSetupTool.exe --non-persistent --no-login
Do not require a login for the newly provisioned machine-
Citrix ICA virtual channels
-
- Paste the admin token copied from the Endpoint Inventory app when prompted.
- Delete the Image Setup Tool from the source desktop once image setup completes.
- Export your source desktop as a golden image template.When signing into a desktop created using the golden image template, the newly-provisioned endpoint appears in the Endpoint Inventory list.