Can MetaDefender Endpoint be distributed using a golden image, cloned VMs or AMIs?
This article applies to all MetaDefender Endpoint releases deployed on Windows, Linux, macOS, iOS and Android systems.
A golden image is a pre-configured template or archetype for a virtual machine that can be applied to servers, hard drives and desktops.
The object is to allow administrators to deploy several remote desktops, remote applications and virtual machines based on a single master image.
Yes.
The MetaDefender Endpoint can be distributed using a golden system image, but an additional step must be taken to avoid issues with devices reporting to MetaDefender IT Access servers.
Whenever the MetaDefender Endpoint starts, it looks at the registry or file system to determine whether an MetaDefender Endpoint unique device ID already exists.
- Should the Client find one, it will use this to report to the MetaDefender IT Access servers.
If multiple managed devices report to the MetaDefender IT Access servers using the same device ID, these reports will overwrite each other based on which report was issued most recently.
- Alternatively, if no device ID is found, the MetaDefender Endpoint will simply generate a new one.
To facilitate the second outcome above, when creating a golden image on Windows systems, the device ID must be removed either from the source image or from the new devices (i.e, before or after cloning).
On Linux systems, a unique solution is available that allows the golden image to be created before the device ID is assigned.
On Android, iOS and macOS, no action is needed, as a new device ID is generated automatically for each device.
Preparing an image for Windows systems
Option 1 (preferred): removing the device ID before cloning
- Install the MetaDefender Endpoint on your source device.
- Stop MetaDefender Endpoint service/s on the source device, following the recommended process for your OS.
- (Optional) Delete the source device via the MetaDefender IT Access Console.
- Image the source device.
- Create new device/s from the source image.
- Start the new device/s.
Option 2: removing the device ID after cloning
- Install the MetaDefender Endpoint on your source device.
- Stop MetaDefender Endpoint service/s on the source device, following the recommended process for your OS.
- Image the source device.
- Create new device/s from the source image.
- Start the new device/s.
Device ID removal instructions for Windows systems
Automatically
- Download the Remove Gears UID .exe utility Here
- Run the exe.
Manually
Windows 32-bit
- Open a command prompt as administrator and run: sc stop opswatgearshelper
- Also in the prompt, enter: sc stop waondemand
Next, you must delete the device ID from the registry as follows:
- Open Regedit.
- Browse to \HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Gears Client\Config.
- Open the key named uuid and delete the value.
- Finally, open the key named HWID and delete the value.
Windows 64-bit
- Open a command prompt as administrator and run: sc stop opswatgearshelper
- Also in the prompt, enter: sc stop waondemand
Next, you must delete the device ID from the registry as follows:
- Open Regedit.
- Browse to \HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\OPSWAT\Gears Client\Config.
- Open the key named uuid and delete the value.
- Finally, open the key named HWID and delete the value.
If you have followed the instructions above but are having Issues Distributing The MetaDefender Endpoint Via A Golden System Image, please open a Support Case with the OPSWAT team via phone, online chat or form, or feel free to ask the community on our OPSWAT Expert Forum.