CELS Virtual Helpdesk

CELS Shared Services Systems Group

Documentation Search

Most Recent Dispatch

Site search

March mini-update: EDR (aka Crowdstrike) rollout update

by Stacey, Craig

Hey, look!  It’s spring, everyone! What’s your favorite part of spring arriving?  Mine is temps in the 30s with some rain!

I wanted to write a brief update on our Crowdstrike rollout across CELS, getting us in line with a whole slew of mandates and Presidential Directives.  For background, see the January announcement and March update.

The macOS rollout has gone well, but we need to make a small change.  When we pushed the update to machines we specified to install on next login so there was no chance of work disruption due to the short (1-2 second) network blip that happens when it installs.  So right now we’ve got a bunch of pending installs that aren’t completed, and we need to make progress there.  Next week we’re going to make a change for all managed and co-managed Macs so that if you haven’t got the package installed, you’ll get a notification popup allowing you to force the install or defer it.  You’ll be able to defer it twice, but then it’s going to need to be installed.  If you don’t get a chance to reboot or logout/login before then, all you need to do is make sure you’re in a spot where you can withstand a super brief network drop and hit the button to make it go.

We rolled this out to our managed Linux nodes last week and it worked like a champ.  We’re in the process of rolling it out to our managed Windows nodes as well.

Which brings us to the next step, self-managed Windows and Linux machines.  When I look at the report of hosts that are missing this, that’s where the bulk of the action is happening — or not happening to be accurate.  So I bring you a full set of instructions for self-managed machines.

Please see our docs on installing Crowdstrike on self-managed machines, and choose the appropriate operating system.  We’ve opened these instructions up to not require a login since the sensitive information is behind Box links.  For Windows, it’s just download the zip file, extract it, and run the install.bat file.  For Linux, it’s a little more of a manual operation, but if you’re the Systems Administrator on your own Linux box, you can handle this easy-peasy.

Please note, this software is not to be installed on non-Argonne hardware.  And do not share the activation keys with anyone outside Argonne.

Next week, I’ll start reaching out to people individually to wrap up the few stragglers we have.