Installing Trend Micro Deep Security solution in RHEL 8 with Oracle DB in Oracle linux 8.5, Part-1

The main motive of covering this blog is, one of our client wants us to install trend micro deep security manager in oracle db. Manager should be installed on rhel 8 and db should be installed on oracle db 19c.

The enough resource is not available on the internet so I thought why not to document this and share with the community. I will be covering the Part-2 of this which is deep security manager installation on the next blog. This one is focusing the complex part which is getting ready the DB environment. Product sizing is not the scope of this blog. You can knock me if you are stuck while sizing the dsm and db hardware resources.

The main step’s involved:

• Oracle linux 8.5 installation and rhel 8 installation.
• Install oracle db 19c on oracle linux 8.5
• Run the oracle provided script to install the database instance.
• Install sqlplus tool in oracle linux and sql developer tool in windows server.
• Connect to the db using the sqlplus or sql developer tool and create user with password for deep security manager to use. Also assign that user appropriate roles and permissions.
• Install deep security manager from rhel 8 and connect to the db.

So let’s get started:

We will not cover here how to install rhel 8 and oracle linux 8.5 because there are tons of videos available on YouTube to cover those. Please see that and get your environment ready. I assume that you have both the OS ready.

We are checking whether the package is available or not and which repo will give us the package. It is good practice to update your packages before commencing.

dnf update && upgrade -y

dnf whatprovides -y oracle-database-preinstall-19c

dnf install -y oracle-database-preinstall-19c

Pre-installation is done. After the installation, oracle user and some other necessary groups will be created.

Now we need to download the oracle database .rpm package which is almost 2.5 GB in size.

Oracle Database 19c Download for Linux x86-64

From the above link, you can download the database.

Installing the DB

yum -y localinstall oracle-database-ee-19c-1.O-1.x86_64.rpm

Now we will install sqlplus tool on the oracle linux 8.5 system. You are now in root. Change the oracle user password before switching into oracle user.

passwd oracle

Now login from the oracle user or you can switch from command line as well.

Giving oracle user root permission. You need to be on root to do that. Now switch again back to oracle user and give the following commands one by one.

Step 1: Download the Basic Package (ZIP) by using the following command:
wget https://download.oracle.com/otn_software/linux/instantclient/214000/instantclient-basic-linux.x64-21.4.0.0.0dbru.zip

Step 2: Download the SQL*Plus Package (ZIP) by using the following command:
wget https://download.oracle.com/otn_software/linux/instantclient/214000/instantclient-sqlplus-linux.x64-21.4.0.0.0dbru.zip 

Step 3: Make a new directory for the instant client.
sudo mkdir -p /opt/oracle

Step 4: Unzip the Basic Package in the newly-created directory.
sudo unzip -d /opt/oracle instantclient-basic-linux.x64-21.4.0.0.0dbru.zip

Step 5: Unzip the SQL *Plus Package in the newly-created directory.
sudo unzip -d /opt/oracle instantclient-sqlplus-linux.x64-21.4.0.0.0dbru.zip

Step 6: List out the file contents of the newly-created directory.
cd /opt/oracle/instantclient_21_4 && find . -type f | sort

Step 7: Set the LD_LIBRARY_PATH  in your ~/.bashrc source file.
export LD_LIBRARY_PATH=/opt/oracle/instantclient_21_4:$LD_LIBRARY_PATH

Step 8: Set the PATH env vars in your ~/.bashrc
export PATH=$LD_LIBRARY_PATH:$PATH

Step 9: Source your ~/.bashrc file
source ~/.bashrc

Step 10: Run sqlplus -V command to confirm it’s installed or not.
sqlplus -V

sqlplus tool is installed.

Now we will run the script provided by oracle to create our db instance from the root account. Our db instance name is ORCLCDB which is our SID. You can go through the script and change the values as per your need but we will go with the default.

cd /etc/init.d/

./oracledb_ORCLCDB-19c configure 

Now switch back again to oracle account because we need to add some lines of entry to the .bashrc file of oracle user.

export ORACLE_BASE=/opt/oracle/
export ORACLE_HOME=$ORACLE_BASE/product/19c/dbhome_1
export ORACLE_SID=ORCLCDB
export PATH=$ORACLE_HOME/bin:$PATH

Now give the following command:

source .bashrc

sqlplus / as sysdba

As you can see that we have successfully connected to the database and the database is running. When you reboot the system and connect with the db the same way, you may find that the db is saying; Connected to an idle instance. In that case you need to provide the startup command to start the db.

The same thing, db has to listen on port 1521. After the installation in our case, this is already running. But after rebooting the system you may find that the port is not running. In that case, you need to give lsnrctl start command to start the port. You can check whether the port is running or not using the following command:

netstat -tulpn | grep 1521

or

ss | grep 1521

Now we need to change the sys and system user password as the script created auto generated password. We will set the password as oracle for the simplicity because we are creating this lab for our RnD purpose.

Here we need to give another command otherwise you will face some problem while creating the user in db for deep security manager to use. So give the following command on the above shell:

SQL> alter session set "_ORACLE_SCRIPT"=true;

Now we will connect to the db from a windows server machine because on that windows server, we have installed sql developer tool. The same thing can also be done using sqlplus tool but I am not good at that, that is why I am preferring sql developer tool. Oracle machine ip is, 192.168.234.131 and windows server ip is 192.168.234.128

Making sure they are reachable. We also tried to telnet the db server over port 1521 but we failed. So from the oracle server, we disabled selinux and firewalld service. After that telnet worked.

Telnet connecting

Open sql developer tool and click on the Create a Connection Manually.

Click on the + icon from top left or create a connection manually

We have successfully connected to the db. Now we will create the user and password that deep security will use during installation and give that user appropriate permission’s as per deep security official docs.

https://help.deepsecurity.trendmicro.com/20_0/on-premise/database-configure.html?Highlight=oracle

Right click here

Click Create User

From Default Tablespace, we can select anything except TEMP and UNDOTBS1 and from Temporary Tablespace, select TEMP.

Granting CONNECT role

Granting RESOURCE role

Granting required permissions

Now when you click apply, then the user dsm will be created. Now we are all set. Now we can go for installing deep security manager. Download the deep security manager tool from the below link:

https://help.deepsecurity.trendmicro.com/software.html

chmod +x Manager-Linux-20.O.879.x64.sh

./Manager-Linux-20.O.879.x64.sh

Or

You can install the solution in CLI mode too. Open a text editor, paste the following fields and fill up the below fields value. Save it as PropertiseFile or any name you want.

https://help.deepsecurity.trendmicro.com/20_0/on-premise/manager-install-silent.html#Paramete

AddressAndPortsScreen.ManagerAddress=192.168.234.125 AddressAndPortsScreen.NewNode=True UpgradeVerificationScreen.Overwrite=False

LicenseScreen.License.-1=XY-ABCD-ABCDE-ABCDE-ABCDE-ABCDE-ABCDE DatabaseScreen.DatabaseType=Oracle DatabaseScreen.Hostname=192.168.234.131 DatabaseScreen.Transport=TCP

DatabaseScreen.DatabaseName=ORCLCDB DatabaseScreen.Username=DSM

DatabaseScreen.Password=oracle AddressAndPortsScreen.ManagerPort=4119 AddressAndPortsScreen.HeartbeatPort=4120 CredentialsScreen.Administrator.Username=masteradmin CredentialsScreen.Administrator.Password=Redhat@#1267 CredentialsScreen.UseStrongPasswords=False SecurityUpdateScreen.UpdateComponents=True SecurityUpdateScreen.Proxy=False

SecurityUpdateScreen.ProxyType=

SecurityUpdateScreen.ProxyAddress=

SecurityUpdateScreen.ProxyPort= SecurityUpdateScreen.ProxyAuthentication=False SecurityUpdateScreen.ProxyUsername= SecurityUpdateScreen.ProxyPassword= SoftwareUpdateScreen.UpdateSoftware=True SoftwareUpdateScreen.Proxy=False

SoftwareUpdateScreen.ProxyType=

SoftwareUpdateScreen.ProxyAddress=

SoftwareUpdateScreen.ProxyPort= SoftwareUpdateScreen.ProxyAuthentication=False SoftwareUpdateScreen.ProxyUsername= SoftwareUpdateScreen.ProxyPassword=

RelayScreen.Install=True SmartProtectionNetworkScreen.EnableFeedback=True

After completing the above information’s, execute below command one by one.

Command to check the readiness of the installation:
./Manager-Linux-20.0.716.x64.sh -t -q -console -Dinstall4j.language=en_US -varfile <PropertiesFile>

A report will be generated on the following location. Please check that before proceed. 
/tmp/DeepSecurityInstallerRepost.csv

Command to execute the main installation:
./Manager-Linux-20.0.716.x64.sh -q -console -Dinstall4j.language=en_US -varfile <PropertiesFile>

Hopefully your dsm should be installed now successfully. If you need any further assistance you are always welcome to knock me. Thanks to my colleague Amin Akber to help me a lot in this installation phase specifically at the time of sqlplus installation. :)

Microsoft SQL db configuration link:

https://mahim-firoj.medium.com/configure-sql-database-for-trend-micro-deep-security-manager-6fc505ff4917

Thanks. I hope this writeup will help you to install deep security manager without facing any difficulties. Please subscribe below.

LinkedIn:

https://www.linkedin.com/in/md-mahimbin-firoj-7b8a5a113/

YouTube:

https://www.youtube.com/@mahimfiroj1802/videos