Preparing a Golden Image with AMP for Endpoints Windows
This document describes the steps to prepare a 'Golden Image' for deploying Advanced Malware Protection (AMP) for Endpoints on hosts. This will work with Virtual Machines (VM) or Hardware 'Golden Image' use. A 'Golden Image' is used for the installation of the AMP for Endpoints connector on multiple hosts from one image file.
Knowledge of navigating and editing Windows Registry.
Using Windows OS command prompt.
Knowledge of Virtual environments.
Note: On AMP for Endpoints Windows Connector 6.3.1, a new install feature flag has been added. This will allow you to install the AMP Connector without the connector registering or causing issues with duplication in your deployment.
When using the installer, the new flag to use for golden images is /goldenimage [1|0]
0 - Default Value - this value will not trigger the golden image option, operates just as if the installer was run without the option at all. Does not skip Initial Connector registration and startup on install.
After the 'Golden Image' has had applications installed, system prepped and AMP has been installed with the /goldenimage flag, the host is ready to be frozen and distributed. Once the cloned host boots up, AMP will then start and register to the cloud. No further action is required with regards to configuring the connector, unless there are changes that you want to make to the policy or host.
The flag prevents the AMP connector from starting and registering on the base image; and, so on the next start of the image, the connector will be in the functional state it was configured to be in by the policy assigned to it.
Note: In case the Golden Image is restarted or if the AMP services are started, please follow this article to reconfigure the Golden Image.