Question & Answer
Question
Recent Windows STAP V9 has a WFP driver but can't choose the driver during GUI installation. How to install Windows STAP V9 with WFP driver?
Cause
Windows STAP V10 uses WFP driver, but V9 doesn't use it as a default, even in the latest revision. You need to do a special way to install Windows STAP V9 with WFP driver.
Answer
If Windows S-TAP is already installed in the system, make sure to uninstall it and reboot the system to clear all drivers out of the system before the installation.
Please prepare a text file which stores tap_ip (DB Server IP) and sqlguard_ip (collector's IP) first, then run Windows STAP V9 installer from command prompt, without using GUI. Here is the details steps.
1. Download the latest revision of Windows STAP V9.
- For example, r81669 is the latest as of Nov. 16, 2015.
2. Create a file and put the DB server IP and collector's IP
- Here is an example.
C:\tmp>type a.txt windowshostname xxx.xxx.xxx.xxx yyyy.yyy.yyy.yyy C:\tmp> |
3. Run Windows STAP V9 setup.exe with parameters like this.
C:\tmp>cd Windows_Stap_r81669_Installer C:\tmp\Windows_Stap_r81669_Installer>setup /s /z"windowshostname;C:\Program Files (x86)\IBM\GUARDIUM_STAP;c:\tmp\a.txt; WFP=1 LHMON=0 NamedPipes=1 START=1" C:\tmp\Windows_Stap_r81669_Installer> |
Make sure that you defined windowshostname in step 1, and you specified the file with the full path (c:\tmp\a.txt) when you run setup.exe
The above example will install Windows STAP into "C:\Program Files (x86)\IBM\GUARDIUM_STAP" directory, which is the default installation directory.
Note that the setup.exe command will be returned soon, and the actual installer will run in background. You can check the installation status by viewing c:\guardiumStapLog.txt.
4. (Optional) After the installation, open a Windows command prompt and run "driverquery | findstr WfpMonitor" to see if it's loaded.
C:\>driverquery | findstr WfpMonitor WfpMonitor Security Guardium Wind Kernel 7/29/2015 12:20:38 PM C:\> |
[NOTE] WFP driver supports Windows 2008 SP2 or later ( which includes Windows 2008 R2). It doesn't support Windows 2003 and Windows 2008 (non SP2, non R2).
Was this topic helpful?
Document Information
Modified date:
16 June 2018
UID
swg21971078