When creating a base image with a Malwarebytes Endpoint Security installation, the Malwarebytes installer should be prevented from connecting to the internet before the image is generalized by Sysprep. This may be easier to accomplish if the Malwarebytes installation is saved for the last step when configuring an image.
If the managed client is allowed to reach the internet and check into Malwarebytes servers, a unique software ID will be assigned to the managed client machine. As a result, any other machine spun up from this image will be a duplicate entry of the original ID accidentally assigned to your base image's Malwarebytes installation.
There are two parts to the process: create the installer, and install Malwarebytes on your base image.
Create the installer
- Follow steps 1–5 in this article: Create an installation package for Malwarebytes Endpoint Security.
- After exporting the package in step 5, return to this article and continue to the next section.
Install Malwarebytes on your base image
- Copy the installer to the base image environment. Do not attempt to run this installer from a mapped drive or folder share.
- Disconnect your base image environment from the network.
- Run the ClientSetup installer.
- If you need to add proxy information, see Create or change a policy in Malwarebytes Management Console.
- If you require a network connection to complete other tasks before Sysprep, stop the agent service to avoid automatic ID assignment:
- Open services.msc.
- Right-click on MEEClientService and select Stop.
- It is now safe to re-enable network connectivity for the base image machine.
- When installation is complete and the agent is on the base image machine, you may safely perform Sysprep generalization and subsequent image capture.
- When ready to deploy your new base image, be sure to test it on 2 or 3 machines first to ensure the managed client does not encounter any issues.
Once the image is deployed and the endpoint user logs into Windows, the Malwarebytes Managed Client communicator:
- Performs a check-in
- Receives an ID assignment
- Configure itself in accordance with its assigned policy