When I tried installing Traps agent 4.2.0 , it rolled back the installation after it failed to start cyvera service. Then I disabled driver signature enforcement in windows and tried installing it, I was able to install agent without any issues. But when I restarted the machine again, Driver signing enforcement turned on and the Traps Agent services failed to start.
We have installed traps on 300+ endpoints and most of them are Windows 10 Machines.
Currently only this one machine is having this issue. Earlier, during the initial deployment, I had issues with installation on couple of machines, but they all got resolved when I installed them in diagnostic boot with driver signing off.
Again, when I tried disabling driver signing using BCDedit command, ( bcdedit /set nointegritychecks on ) I got error that the SecureBoot is enabled and it should be disabled to change Driver signing settings. When I rebooted the PC with Secure Boot disabled from BIOS, Traps started function normally, even with driver signing enforcement Enabled.
It would be great if anyone can help me understand why did I faced this issue?
- Is it the known issue in 4.2.0 ?
- Will the Secure boot in windows will be enabled or disabled by default in windows?
- How can the secure boot or driver signing enforcement affect the Traps agent installation?
It would be advised that you reach out to Palo Alto Network Endpoint Support. They can help you deep dive into the issue for better understanding and assist with the resolution.
I could able to test the installation of Traps agent on endpoint with SecureBoot enabled. I could install it without any hassle. Also I verified disabling it and install, I did not find any difference.
Also I verified enabling and disabling Driver Signing Enforcement and install the agent. I could able to install the agent and it is communicating with the ESM server.
Below is the screenshot for the same.
May be the issue was with one perticular endpoint. Couldnt really get the root cause.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!