Overview
Cylance Protect is a next generation anti-virus product and seems to be taking the OS X world by storm. The product marketing aspect verbiage states Cylance “blocks threats in real time BEFORE they ever cause harm.”
As a result of Cylance’s success, I’ve recently received a number of requests from customers asking how they can silently install the product with their specific, company-unique token.
Luckily, accomplishing a silent install of Cylance Protect is a fairly simple process. I’ve written a basic script that will accomplish the task for you. One particular customer sent a reply back to me after using this script, stating the “Cylance deployments went great!!!” Hopefully your deployments can go as smooth as theirs.
Furthermore, because this script leverages the LANDESK SDClient tool for the download, you will still benefit from bandwidth controls and you’ll be able to leverage the peer sharing if your store your package file into the sdcache folder.
For simplicity, I’ve chosen to write my package to the same folder as where I’ll write my token file. Because the token file can be read with any text editor, I’ve chosen to store my data in a private folder; which means I will only benefit from LANDESK’s bandwidth controls, but I figured it was a good tradeoff for me. I just didn’t want to put the license key into a folder that people might be accustom to look at.
Cylance Protect Script
Break out your favorite Text Editor (TextWrangler or XCode is what I use) and let’s get started. I’ll break the script down into sections for easy understanding. The first part of the script contains your obligatory declaration indicating it’s a shell script as well as some comments as to what I named the script, when I created the script and what it does. Besides the very first line, everything is optional.
#!/bin/sh
# CylanceSilentInstall.sh
# Created by Bennett Norton on 8/30/16.
# This script will copy a file from the source destination and place it on the Mac into the destination folder
The next part is where you’ll set the variables used throughout the script. You’ll need to supply the custom Cylance token, the package name, the location of where the package will be stored on your HTTP share and the location to where you’ll want to store the package and Cylance token on the client.
It’s likely that you’ll be able to leave the cylancePackageName and cylancePackageAndTokenDestination variables as is, only modifying the cylanceToken and cylancePackageLocation variables. Just repalce the text betweent the quotes.
#Script Variables
#change these variables to match your token and desired destination paths
cylanceToken="cylanceCustomToken"
cylancePackageName="CylancePROTECT.zip"
cylancePackageLocation="http://ldserver.ldlab.org/SoftwareDist/MacPackages/Cylance/"
cylancePackageAndTokenDestination="/private/tmp/Cylance"
The next section of the script detects if the folder for where we will store the package file on the client exists and if it does not, creates it. You may want to enhance this part of the script on your own to delete any files inside if it does exist, I have not added that in, but it may be a good idea.
#Check to see if destination exists and if not, create it
if [ ! -d "$cylancePackageAndTokenDestination" ]; then
echo "Location doesn't exist. Creating directory"
mkdir $cylancePackageAndTokenDestination
echo "$cylancePackageAndTokenDestination created"
fi
You shouldn’t need to adjust anything within the next phase of this script. This step is simply creating an output file of the token to be used during the install.
#Output token to file
#You shouldn't need to make any changes here
echo "$cylanceToken" > "$cylancePackageAndTokenDestination/cyagent_install_token"
The next step within our script is to download the installer package. This piece is specifically tailored to LANDESK Management Suite and uses SDClient as the downloader. If you don’t have LANDESK Management Suite, alter this part of the script to use CURL.
#Download package installer
/Library/Application\ Support/LANDesk/bin/sdclient -noinstall -package "$cylancePackageLocation/""$cylancePackageName" -destdir "$cylancePackageAndTokenDestination"
We now need to unzip the package file and install the package using OS X commands, which means this code is generic, not specific to LANDESK Management Suite.
#unzip package installer
unzip "$cylancePackageAndTokenDestination/""$cylancePackageName" -d "$cylancePackageAndTokenDestination"
#Install Cylance
sudo installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target /
Finally, let’s clean up after ourselves. The final command in our script will delete the entire /tmp folder.
#Delete Cylance folder
rm -rf "$cylancePackageAndTokenDestination"
As I mentioned with the folder detection, you may want to do some detection logic to see if the application exists in the Application folder prior to deleting the folder, that’s up to you.
And that’s it, you now have a fully functioning script you can use to silently deploy Cylance Protect in your environment. For ease in the copy and paste process, here is the entire script.
#!/bin/sh
# CylanceSilentInstall.sh
# Created by Bennett Norton on 8/30/16.
# This script will copy a file from the source destination and place it on the Mac into the destination folder
#Script Variables
#change these variables to match your token and desired destination paths
cylanceToken="cylanceCustomToken"
cylancePackageName="CylancePROTECT.zip"
cylancePackageLocation="http://ldserver.ldlab.org/SoftwareDist/MacPackages/Cylance/"
cylancePackageAndTokenDestination="/private/tmp/Cylance"
#Check to see if destination exists and if not, create it
if [ ! -d "$cylancePackageAndTokenDestination" ]; then
echo "Location doesn't exist. Creating directory"
mkdir $cylancePackageAndTokenDestination
echo "$cylancePackageAndTokenDestination created"
fi
#Output token to file
#You shouldn't need to make any changes here
echo "$cylanceToken" > "$cylancePackageAndTokenDestination/cyagent_install_token"
#Download package installer
/Library/Application\ Support/LANDesk/bin/sdclient -noinstall -package "$cylancePackageLocation/""$cylancePackageName" -destdir "$cylancePackageAndTokenDestination"
#unzip package installer
unzip "$cylancePackageAndTokenDestination/""$cylancePackageName" -d "$cylancePackageAndTokenDestination"
#Install Cylance
sudo installer -pkg /private/tmp/Cylance/CylancePROTECT.pkg -target /
#Delete Cylance folder
rm -rf "$cylancePackageAndTokenDestination"
At this point, you need to save your file to an OS X machine, if you’re not already on a Mac. Make sure your file extension is .sh as well, I saved mine as CylanceSilentInstall.sh.
After your shell script is saved, you then need to open up Terminal and give the script execute permissions. Don’t skip this step or your script will not execute when using LANDESK. Once Terminal is open, run the following command:
chmod +x /path/to/your/script/name.sh
You should now be able to test your script manually. Find a test machine or VM, if the Mac you’re using is not viable, open Terminal on it and run the following command:
sudo /path/to/your/script/name.sh
Assuming all goes well and Cylance Protect installs, you’re ready to zip up your script and copy it to your HTTP package share. Now you just need to build a LANDESK Mac package and deploy the package to your target machines.
Create a LANDESK Mac Software Package
- Open the LANDESK Console
- Navigate to the top menu bar, select Tools > Distribution > Distribution Packages.
- In the lower left menu tree, highlight My Packages or Public Packages from within the Distribution Packages window
- On the Distribution menu bar, press the New Package button and select New Macintosh Package.
- Give the package a name
- Provide a description as well as any metadata information desired
- Set the primary file to the zip file you previously transferred to your software distribution folder
- Fill out the Metadata details if desired, specifically supplying a logo so it shows up properly in the portal
- Save the package
Create a Scheduled Mac Software Distribution Task
- Right click on the Mac software distribution package created and select Create Scheduled Task
- From the network view, select and drag the desired machine(s), user(s) or query(ies) and drop them onto the task
- Now, right click on the task and select properties
- Set the desired Task type under Task Settings as to whether you want a push, a policy or a hybrid of the two types in a policy-supported push
- Set the radio button in the Portal Settings to either Recommended or Optional if you desire to put the package into Workspaces. If you’d like to automatically deploy the app, select Run automatically
- Change the Reboot Settings or Distribution and Patch settings if desired
- Set the schedule task settings with the appropriate start time
Apple in the Enterprise Moved 
Recent Comments