FireEye is a new Endpoint Detection and Response (EDR) system that is replacing traditional anti-virus software on campus. It will be required on all University-owned computers by June 30th, 2021.
FireEye runs on Windows, Mac and Linux. FireEye is for University-owned machines only.
NOTE: Other third-party antivirus programs must be uninstalled before installing FireEye. Specific install instructions may vary depending on the distribution of Linux in use.
sudo /opt/fireeye/bin/xagt -i /path/to/agent_config.json
sudo systemctl start xagt
or, for some distributions and versions of Linux:
sudo service xagt start
sudo systemctl enable xagt
Email itsec-consulting@umd.edu to get more information regarding installing the agent on Linux. At this time, we recommend installing the agent only on Linux desktop machines and contacting us for assistance with testing before installing on Linux server machines.
ps -ef | grep xagt
/opt/fireeye/bin/xagt -v
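The start and verification steps above, combined into one post-install check that picks the start command matching the host's init system. This is an added example, not part of the original instructions; the function names, the --check argument and the optional root-prefix argument are assumptions made for illustration.

```shell
#!/bin/sh
# Post-install check for the FireEye agent (xagt) on Linux.
# Added example; the binary path and service name are the ones shown on this page.

XAGT_BIN="/opt/fireeye/bin/xagt"

# Print "systemd" when systemd is the running init, otherwise "sysv".
# /run/systemd/system exists only on a host booted with systemd.
# $1 is an optional root prefix (assumption: only useful for testing).
init_system() {
    if [ -d "${1:-}/run/systemd/system" ]; then
        echo systemd
    else
        echo sysv
    fi
}

# Print the start command from this page that matches the init system.
start_cmd() {
    case "$1" in
        systemd) echo "systemctl start xagt" ;;
        *)       echo "service xagt start" ;;
    esac
}

# Return 0 if the agent is running, 1 if installed but not running,
# 2 if the agent binary is not installed at the expected path.
check_agent() {
    bin="${1:-$XAGT_BIN}"
    if [ ! -x "$bin" ]; then
        echo "xagt not found at $bin"
        return 2
    fi
    echo "agent version: $("$bin" -v 2>&1)"
    # The [x]agt pattern keeps grep from matching its own command line.
    if ps -ef | grep -q '[x]agt'; then
        echo "xagt is running"
        return 0
    fi
    echo "xagt is not running; start it with: sudo $(start_cmd "$(init_system)")"
    return 1
}

if [ "${1:-}" = "--check" ]; then
    check_agent
fi
```

Save the script under a name that does not contain "xagt" so the process match cannot hit the script itself, then run it with --check.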
As part of the FireEye agent's endpoint detection and response capabilities, the agent will collect information when an alert is triggered for remediation purposes.
Information collected may include agent event data, list of running processes, event or system log data, file system data, network data, system information data or other relevant elements.