How do I install the VigilEnt Security Agent for WebServer Detect/Prevent Plug-In for IIS? (NETIQKB31833)

goal
How do I install the VigilEnt Security Agent for WebServer Detect/Prevent Plug-In for IIS?

fact
VigilEnt Security Agent for WebServers 3.0

fact
VigilEnt Security Agent for WebServers 3.1.1

fix

If Detect/Prevent for IIS was not selected during the installation of VigilEnt Security Agent for WebServers 3.0, execute the following steps to enable the Detect/Prevent component on IIS servers.

1. From the install_dir\IDS\bin directory, execute the following command from a cmd.exe window:

   .\installDetectIIS.bat

   The batch file will execute commands to create web server configurations from the default templates for IIS, register the ISAPI filter with IIS, create the registry entry that points to the rule file, install the logging service used by Detect/Prevent for high-speed, optionally encrypted and non-repudiated logging, and adjust service dependencies to start the logging service before IIS.

2. Restart IIS by typing:

   iisreset /restart /timeout:600

   Use your normal timeout interval instead of 600 if you normally do not use the default setting (60 seconds).

3. Check the Application Log in the Event Viewer.

   1. Navigate to Control Panel | Administrative Tools | Event Viewer.

   2. Check the Application Log to look for startup messages or error messages. (Alternately, from a command line type: %SystemRoot%\system32\eventvwr.msc to access the Event Viewer console.)

To manually remove Detect/Prevent for IIS, first stop the IIS Admin Service from the Services Control Panel, then run the removeDetectIIS.bat file from a command window in the install_dir\ID\bin directory. Restart IIS with the iisreset/start command.

Formerly known as NETIQKB31833