How do I install the VigilEnt Security Agent for WebServer Detect/Prevent Plug-In for IIS?
VigilEnt Security Agent for WebServers 3.0
VigilEnt Security Agent for WebServers 3.1.1
If Detect/Prevent for IIS was not selected during the installation of VigilEnt Security Agent for WebServers 3.0, execute the following steps to enable the Detect/Prevent component on IIS servers.
- From the
install_dir\IDS\bindirectory, execute the following command from a
The batch file will execute commands to create web server configurations from the default templates for IIS, register the ISAPI filter with IIS, create the registry entry that points to the rule file, install the logging service used by Detect/Prevent for high-speed, optionally encrypted and non-repudiated logging, and adjust service dependencies to start the logging service before IIS.
- Restart IIS by typing:
iisreset /restart /timeout:600
Use your normal timeout interval instead of 600 if you normally do not use the default setting (60 seconds).
- Check the Application Log in the Event Viewer.
- Navigate to Control Panel | Administrative Tools | Event Viewer.
- Check the Application Log to look for startup messages or error messages. (Alternately, from a command line type:
%SystemRoot%\system32\eventvwr.mscto access the Event Viewer console.)
To manually remove Detect/Prevent for IIS, first stop the IIS Admin Service from the Services Control Panel, then run the
removeDetectIIS.bat file from a command window in the
install_dir\ID\bin directory. Restart IIS with the