Bitdefender Endpoint Security Tools for Linux provides malware protection for most popular Linux operating systems using on-access and on-demand scanning. Depending on your license, an Endpoint Detection and Response (EDR) module may also be available.

• System requirements
• Licensing
• Installing
• Scanning
• Troubleshooting

System requirements

Supported Linux operating systems:

• Ubuntu 14.04 LTS or higher
• Red Hat Enterprise Linux / CentOS 6 or higher
• SUSE Linux Enterprise Server 11 SP4 or higher
• OpenSUSE Leap 42.x
• Fedora 25 or higher
• Debian 8.0 or higher
• Oracle Linux 6.3 or higher
• Amazon Linux AMI 2016.09 or higher

On-access scanning is available for supported operating systems as follows:

• Kernel 2.6.38 or higher - Supports all Linux distributions. The fanotify kernel option must be enabled. 
• Kernel 2.6.32 - 2.6.37 - CentOS 6.x Red Hat Enterprise Linux 6.x - Bitdefender provides support via DazukoFS with prebuilt kernel modules.

Additional prerequisites:

• Fedora 28 or higher
  Install the libnsl package, by running the following command:
  sudo dnf install libnsl -y
• Debian 8
  Fanotify must be enabled and set to enforcing mode and then the kernel package must be rebuilt.
• Active Directory integration
  When integrating Linux endpoints with an Active Directory domain via the System Security Services Daemon (SSSD), ensure that the ldbsearch tool is installed.
• CentOS
  For minimal installations of CentOS install the libnsl package, by running the following command:
  sudo yum install libnsl

Licensing

Linux endpoints use license seats from the pool of licenses for server operating systems.

Installing

You can install Bitdefender Endpoint Security Tools on a Linux machine using:

• An installation task from the GravityZone Control Center > Network inventory section.
• Manual installation via a installation package downloaded from the Control Center:
  1. Copy the archive to the Linux machine and unpack it.
  2. Run the following commands:
  # chmod +x installer
  # ./installer

Scanning

Bitdefender Endpoint Security Tools for Linux provides on-access scanning for a number of preconfigured system directories. To review this list or add other directories to be scanned:

1. Choose a policy from the Control Center > Policies page.
2. Go to the Antimalware > On-Access section.
3. Next to On-access Scanning, click Settings.
4. Click Advanced.
5. Configure which folders the agent should scan constantly.

Additionally, you can schedule Full / Custom / Quick Scan tasks by using these steps:

1. Choose a policy from the Control Center > Policies page.
2. Go to the Antimalware > On-Demand section.
3. Click the +Add button.
4. Select a scan type. With the Custom Scan type you can configure scan options and folders to be scanned in detail.
5. Configure the scan task scheduling options as needed.
6. Configure scan options and target as needed.
7. Click the Save button.

To manually scan Linux endpoints:

• Run the task from the Control Center > Network inventory, by right-clicking the target machine and selecting Tasks > Scan.
• Start the scan task locally using the command line interface. For more information, refer to the Linux User Guide.

Troubleshooting

You can check Bitdefender Endpoint Security Tools services by running the following commands:

bd status - to check services status
bd start - to start services
bd stop - to stop services
bd restart - to restart services

Other commands:

To detect any system proxy:
/opt/BitDefender/bin/bdconfigure getsystemproxy

To check all of the versions that were previously installed on the machine as well as the current one, open vhist.dat:
/opt/BitDefender/etc/vhist.dat
 

• Generate BEST Linux Support Tool Log
• Bitdefender Endpoint Security Tools Compatibility with Debian 8