McAfee MVISION Endpoint 1811 Installation Guide

Similar documents
McAfee MVISION Endpoint 1808 Installation Guide

Data Loss Prevention Discover 11.0

McAfee Application Control Windows Installation Guide. (McAfee epolicy Orchestrator)

McAfee Endpoint Security Migration Guide. (McAfee epolicy Orchestrator)

Product Guide. McAfee Endpoint Upgrade Assistant 1.5.0

McAfee Endpoint Upgrade Assistant Product Guide. (McAfee epolicy Orchestrator)

McAfee Client Proxy Installation Guide

McAfee Endpoint Upgrade Assistant Product Guide. (McAfee epolicy Orchestrator 5.9.0)

Product Guide. McAfee Endpoint Upgrade Assistant 1.4.0

McAfee Endpoint Upgrade Assistant 2.3.x Product Guide

McAfee Endpoint Security Threat Prevention Installation Guide - macos

McAfee Endpoint Security Threat Prevention Installation Guide - Linux

McAfee Content Security Reporter Installation Guide. (McAfee epolicy Orchestrator)

Reference Guide Revision B. McAfee Cloud Workload Security 5.0.0

Installation Guide. McAfee Web Gateway Cloud Service

McAfee Content Security Reporter 2.6.x Installation Guide

Installation Guide. McAfee Endpoint Security for Servers 5.0.0

McAfee Content Security Reporter 2.6.x Migration Guide

McAfee Endpoint Security

Migration Guide. McAfee Content Security Reporter 2.4.0

McAfee Cloud Workload Security Suite Amazon Machine Image Installation Guide

McAfee Content Security Reporter Release Notes. (McAfee epolicy Orchestrator)

McAfee epolicy Orchestrator 5.9.1

McAfee Rogue Database Detection For use with epolicy Orchestrator Software

McAfee Endpoint Security for Servers Product Guide. (McAfee epolicy Orchestrator)

McAfee File and Removable Media Protection Installation Guide

Product Guide Revision A. McAfee Client Proxy 2.3.2

McAfee Host Intrusion Prevention 8.0

McAfee MVISION Mobile epo Extension Product Guide

McAfee Application Control Windows Installation Guide

McAfee Endpoint Security for Servers Product Guide

McAfee Client Proxy Product Guide

McAfee Client Proxy Product Guide. (McAfee epolicy Orchestrator)

McAfee Client Proxy Product Guide. (McAfee epolicy Orchestrator)

McAfee MVISION Mobile Microsoft Intune Integration Guide

McAfee Data Protection for Cloud 1.0.1

McAfee Investigator Product Guide

McAfee Firewall Enterprise epolicy Orchestrator Extension

Revision A. McAfee Data Loss Prevention Endpoint 11.1.x Installation Guide

McAfee Management for Optimized Virtual Environments AntiVirus 4.5.0

McAfee Endpoint Security Installation Guide. (McAfee epolicy Orchestrator)

Installation Guide Revision B. McAfee Cloud Workload Security 5.0.0

McAfee MVISION Mobile Citrix XenMobile Integration Guide

Migration Guide. McAfee File and Removable Media Protection 5.0.0

McAfee Policy Auditor 6.2.2

Product Guide Revision B. McAfee Cloud Workload Security 5.0.0

McAfee Change Control and McAfee Application Control 8.0.0

McAfee Cloud Workload Security Product Guide

McAfee MVISION Mobile Microsoft Intune Integration Guide

McAfee MOVE AntiVirus Installation Guide. (McAfee epolicy Orchestrator)

Reference Guide. McAfee Security for Microsoft Exchange 8.6.0

McAfee Drive Encryption Client Transfer Migration Guide. (McAfee epolicy Orchestrator)

McAfee MVISION Mobile IBM MaaS360 Integration Guide

McAfee Application Control Windows Installation Guide. (Unmanaged)

Addendum. McAfee Virtual Advanced Threat Defense

McAfee MVISION Mobile Silverback Integration Guide

McAfee Data Exchange Layer Product Guide. (McAfee epolicy Orchestrator)

McAfee Endpoint Security for Linux Threat Prevention Interface Reference Guide

Boot Attestation Service 3.0.0

McAfee MVISION Mobile IBM MaaS360 Integration Guide

McAfee Network Security Platform 8.3

McAfee Boot Attestation Service 3.5.0

McAfee MVISION Endpoint 1811 Product Guide

Product Guide. McAfee Web Gateway Cloud Service

Product Guide. McAfee Web Gateway Cloud Service

Best Practices Guide. Amazon OpsWorks and Data Center Connector for AWS

McAfee Agent 5.6.x Product Guide

McAfee MVISION Mobile AirWatch Integration Guide

McAfee Agent Interface Reference Guide. (McAfee epolicy Orchestrator Cloud)

Addendum. McAfee Virtual Advanced Threat Defense

McAfee File and Removable Media Protection 6.0.0

Archiving Service. Exchange server setup (2010) Secure Gateway (SEG) Service Administrative Guides

Installation Guide Revision B. McAfee Active Response 2.2.0

McAfee MVISION Mobile MobileIron Integration Guide

McAfee Application Control and McAfee Change Control Linux Product Guide Linux

McAfee Active Response 2.0.0

McAfee MVISION Endpoint 1808 Product Guide

McAfee epolicy Orchestrator Software

Total Protection Service

McAfee Endpoint Security

McAfee Threat Intelligence Exchange Installation Guide. (McAfee epolicy Orchestrator)

McAfee Threat Intelligence Exchange Installation Guide

Product Guide. McAfee Performance Optimizer 2.2.0

McAfee epolicy Orchestrator Installation Guide

Release Notes - McAfee Deep Defender 1.0

Firewall Enterprise epolicy Orchestrator

McAfee File and Removable Media Protection Product Guide

McAfee SiteAdvisor Enterprise 3.5.0

McAfee Application Control Linux Product Guide. (McAfee epolicy Orchestrator)

McAfee MVISION Mobile Threat Detection Android App Product Guide

Installing Client Proxy software

McAfee Change Control and McAfee Application Control 6.1.4

McAfee Management of Native Encryption 3.0.0

McAfee Performance Optimizer 2.1.0

Product Guide. McAfee Content Security Reporter 2.4.0

McAfee Endpoint Security Installation Guide. (Unmanaged)

Cloud Workload Discovery 4.5.1

McAfee Network Security Platform

Release Notes for McAfee(R) Security for Microsoft Exchange(TM) Version 8.0 Copyright (C) 2013 McAfee, Inc. All Rights Reserved

McAfee Network Security Platform

Transcription:

McAfee MVISION Endpoint 1811 Installation Guide

COPYRIGHT Copyright 2019 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator, McAfee epo, McAfee EMM, Foundstone, McAfee LiveSafe, McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, McAfee Stinger, True Key, TrustedSource, VirusScan are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. LICENSE INFORMATION License Agreement NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND. 2 McAfee MVISION Endpoint 1811 Installation Guide

Contents 1 Installation overview 5 Which type of installation do you need?........................... 5 First-time installation workflow........................... 6 Upgrade installation workflow........................... 8 2 Planning your installation 11 Windows Defender Antivirus group policies......................... 11 Windows Defender Antivirus signature updates.................... 11 Windows Defender Firewall Management...................... 11 3 System requirements 13 4 Pre-installation tasks 15 Prepare your environment............................... 15 Remove Endpoint Security from the endpoints....................... 15 5 Install the software for the first time 17 Install the software using the Software Catalog....................... 17 Install the software manually.............................. 17 Install the extensions manually.......................... 17 Check in the client software package........................ 18 Deploy the software to managed systems......................... 18 Verify your installation................................ 19 Verify that Windows Defender Antivirus is running...................... 19 Test malware detection................................ 19 Testing software detection............................ 20 6 Upgrade to a new software version 21 Upgrade the software using Software Catalog........................ 21 Upgrade the software manually............................. 21 7 Troubleshooting installation 23 Examine the log files................................. 23 8 Remove the software 25 Remove the software from the endpoint.......................... 25 Remove the software from McAfee epo.......................... 26 Remove the extensions from McAfee epo......................... 26 McAfee MVISION Endpoint 1811 Installation Guide 3

Contents 4 McAfee MVISION Endpoint 1811 Installation Guide

1 Installation 1 overview The McAfee MVISION Endpoint software is installed on Microsoft Windows 10 systems and managed by McAfee epolicy Orchestrator (McAfee epo ) 5.9.0 and later. You only need to install two components to run MVISION Endpoint software. A.zip file with the five MVISION Endpoint extensions, installed on the McAfee epo server The MVISION Endpoint client, installed on your managed endpoints Install the MVISION Endpoint extensions on the McAfee epo server and the MVISION Endpoint client package (MVISION_Endpoint_Installer_x64_Release_1811_18.xx.x.xx.zip) on your managed endpoints. The MVISION Endpoint extensions are packaged in a.zip file (MVISION_Endpoint_bundled_ePO_extensions_1811_18.xx.x.xx.zip) which includes five product extensions: MVISION_Endpoint_epo_extn_1811_18.xx.x.xx.zip This extension is for product installation and deployment. Quarantine_Mgmt_epo_extn_1811_18.xx.x.xx.zip This extension enables quarantine management functionality. ProtectionWorkspace-services_1.0.0.xxx.zip This extension enables Protection Workspace services on the McAfee epo server. ProtectionWorkspace_1.0.0.xxx.zip This extension installs Protection Workspace on the McAfee epo server. MVISION_Endpoint_Updater_1.0.0.xx.zip This extension allows you to keep extensions and packages up to date as McAfee releases new versions of the product. Which type of installation do you need? MVISION Endpoint is installed and managed on McAfee epo. To install MVISION Endpoint, log on to McAfee epo as an administrator, install the extensions, check in the client package, and deploy MVISION Endpoint to managed systems. First-time installation For first-time installation, you can manage MVISION Endpoint with: On-premise McAfee epo For information about how to install on-premise McAfee epo, see the McAfee epo documentation on https://docs.mcafee.com. Hosted McAfee epo on Amazon Web Services (AWS) For information about how to install McAfee epo on AWS, see the McAfee epo documentation on https://docs.mcafee.com. McAfee MVISION epo SaaS For information about how to activate your MVISION epo account and log on to McAfee MVISION epo, see the McAfee MVISION epo documentation on https://docs.mcafee.com. McAfee MVISION Endpoint 1811 Installation Guide 5

1 Installation overview Which type of installation do you need? Upgrade from older products You can upgrade from: McAfee VirusScan Enterprise McAfee SiteAdvisor Enterprise McAfee Host Intrusion Prevention The MVISION Endpoint software packages and extensions must be installed on McAfee epo before you can deploy MVISION Endpoint to managed endpoints and configure MVISION Endpoint policies. First-time installation workflow The MVISION Endpoint software is installed on Microsoft Windows 10 systems and managed by McAfee epo 5.9.0 and later. When you install MVISION Endpoint for the first time, you must install server-side software on the McAfee epo server, then deploy the client software to managed systems. You only need to install two components to run MVISION Endpoint software: 6 McAfee MVISION Endpoint 1811 Installation Guide

Installation overview Which type of installation do you need? 1 A.zip file with the 5 MVISION Endpoint extensions, installed on the McAfee epo server The MVISION Endpoint client, installed on your managed endpoints If you install Endpoint Security version 10.5.5 or earlier, Endpoint Security version 10.6.0, or VirusScan Enterprise on an endpoint with MVISION Endpoint already installed, you will experience performance problems on the client system. Restart the system to deactivate MVISION Endpoint, uninstall Endpoint Security or VirusScan Enterprise, and restart the system to activate MVISION Endpoint. McAfee MVISION Endpoint 1811 Installation Guide 7

1 Installation overview Which type of installation do you need? Upgrade installation workflow Upgrade MVISION Endpoint software to the latest version. When you install the MVISION_Endpoint_Updater_1.0.0.xxx extension, as part of the bundled.zip file, a server task (MVISION Endpoint Update ) is added to Server s. It pulls the latest MVISION Endpoint software from the McAfee epo Software Catalog. Client components are automatically updated to the latest version available. By default, this task is enabled and runs daily. Upgrade using Software Catalog From the Software Catalog, check in, update, and remove managed product components from your server. You can use McAfee epo Software Catalog to upgrade the MVISION Endpoint software. If you use Software Catalog you don't need to access the McAfee Product Download website to retrieve new MVISION Endpoint software and software updates. 8 McAfee MVISION Endpoint 1811 Installation Guide

Installation overview Which type of installation do you need? 1 Upgrade manually If you want to install a specific version of MVISION Endpoint, you can install the extensions and client package on the McAfee epo server manually. McAfee MVISION Endpoint 1811 Installation Guide 9

1 Installation overview Which type of installation do you need? 10 McAfee MVISION Endpoint 1811 Installation Guide

2 Planning 2 your installation Windows Defender Antivirus group policies The Windows Defender Antivirus client is installed as a core part of Windows 10. It is important to consider group policies that are configured for Windows Defender Antivirus on your endpoints, and how they affect the MVISION Endpoint implementation. When using MVISION Endpoint to manage Windows Defender Antivirus or Windows Defender Firewall, it is important that you do not also use Domain Controller Group Policy or Microsoft System Center Configuration Manager (SCCM) Policy. Domain Controller and SCCM policies have higher precedence than MVISION Endpoint policies and result in the MVISION Endpoint policies being overwritten. Where conflicts arise, the Domain Controller or SCCM policies take precedence, and this results in undesirable behavior. For information about Windows Defender Antivirus deployments and policy configuration, see the documentation for the product. Windows Defender Antivirus signature updates You can configure the sources used by Windows Defender Antivirus to check for signature updates. Windows Defender Antivirus uses several methods to check for and download signature updates. Updates distributed from WSUS Updates distributed from Microsoft Update Updates distributed from Microsoft Malware Protection Center Updates from UNC file shares Select the methods you want to use in the MVISION Endpoint policy settings. To check for signature updates from UNC files shares, enter the UNC paths to be checked. See the McAfee MVISION Endpoint Product Guide for more information. Windows Defender Firewall Management You can use MVISION Endpoint to manage Windows Firewall. You can configure MVISION Endpoint-managed Windows Defender Firewall rules with MVISION Endpoint. When MVISION Endpoint is installed on Microsoft Windows 10 endpoints, MVISION Endpoint manages some of the Microsoft Windows Defender Firewall rules. Windows Firewall management is not enabled by default in MVISION Endpoint policies. If you want to use MVISION Endpoint to manage Windows Firewall, enable Windows Firewall management and enforce the policies on managed endpoints. For more information about the Firewall Rules policy, see the McAfee MVISION Endpoint Product Guide. McAfee MVISION Endpoint 1811 Installation Guide 11

2 Planning your installation Windows Defender Antivirus group policies 12 McAfee MVISION Endpoint 1811 Installation Guide

3 3 System requirements Check that the minimum system requirements are met before you install the MVISION Endpoint components. Operating system requirements MVISION Endpoint supports only 64-bit operating systems. Windows 10 version 1709, 64-bit Windows 10 version 1803, 64-bit Windows 10 version 1809, 64-bit Platform support McAfee epo 5.9.x and later McAfee Agent 5.0.6 and later McAfee Data Exchange Layer (DXL) 4.0 and later For more information about MVISION Endpoint supported platforms, environments, and operating systems, see KB90744. Minimum hardware requirements The following processor specifications are a recommended guideline, but are not a requirement: Memory size (RAM) 8 GB Processor (CPU) Intel i5-6xx McAfee epo scalability Make sure McAfee epo has sufficient capacity to manage the number of endpoints you want to deploy MVISION Endpoint to before you install the software. See the McAfee epo documentation on https://docs.mcafee.com for information about McAfee epo scalability. McAfee MVISION Endpoint 1811 Installation Guide 13

3 System requirements 14 McAfee MVISION Endpoint 1811 Installation Guide

4 Pre-installation 4 tasks Contents Prepare your environment Remove Endpoint Security from the endpoints Prepare your environment Before you install the software, make sure your environment is ready. 1 Check system requirements for information about products that are compatible with MVISION Endpoint. Make sure any managed endpoints where you deploy MVISION Endpoint meet these requirements. 2 Make sure McAfee Agent 5.0.6 or later is installed on all endpoints where you deploy the software. 3 Make sure that you are logged on to McAfee epo as an administrator. 4 Check if VirusScan Enterprise, SiteAdvisor Enterprise, or Host Intrusion Prevention are installed on the endpoints where you deploy MVISION Endpoint. These products are automatically uninstalled on the system when you deploy the software. 5 Check if Endpoint Security is installed on the endpoint before you deploy MVISION Endpoint. If it is, remove the software before you deploy MVISION Endpoint. 6 If you want to use the quarantine management functionality, make sure that DXL 4.0 or later is installed on all endpoints where you deploy MVISION Endpoint. Designing and configuring the DXL fabric can be a complex process. See the DXL documentation on https:// docs.mcafee.com for information about how to install DXL. 7 Review the known issues for this release. For a full list of known issues for MVISION Endpoint, see KB90738. Remove Endpoint Security from the endpoints If Endpoint Security is installed on your endpoints, and you want to install MVISION Endpoint, you must first remove the Endpoint Security software. Before you begin Disable Endpoint Security Exploit Prevention. You must also remove all Endpoint Security software and Endpoint Security Platform Common modules, including: McAfee MVISION Endpoint 1811 Installation Guide 15

4 Pre-installation tasks Remove Endpoint Security from the endpoints McAfee VirusScan Enterprise McAfee Endpoint Security Firewall McAfee Endpoint Security Web Control McAfee Endpoint Security Adaptive Threat Protection (ATP) If you are migrating from Endpoint Security endpoint products to MVISION Endpoint, remove any client deployment tasks that cause Endpoint Security to be redeployed to managed systems. If McAfee VirusScan Enterprise exclusions are configured as part of your environment, you must convert the exclusions to the MVISION Endpoint policy. For information about MVISION Endpoint exclusions policies, see the McAfee MVISION Endpoint Product Guide. 1 Select Menu Client s Client Catalog. 2 From the McAfee Agent navigation tree, select Product Deployment. 3 Click New and select Product Deployment from the Types drop-down list. a Complete the Name and Description fields. Windows is automatically selected as the target platform. b c From the Products and components drop-down list, select the Endpoint Security module to remove. Click + to remove multiple software packages. From the Action drop-down list, select Remove and click Save. The new task appears in the Product Deployment list. 4 Click Assign, select the system or group where you want to apply the client task then click OK. You can apply this task to a single system or to groups of managed systems in the System Tree. 5 Select the required options in Client Assignment Builder and click Save. 6 Windows Firewall is not automatically re-enabled when you remove Endpoint Security from the endpoint. Re-enable Windows Firewall on each endpoint to ensure a consistent level of protection. You can use MVISION Endpoint to configure MVISION Endpoint-managed Windows Defender Firewall rules. Windows Firewall management is not enabled by default in MVISION Endpoint policies. Endpoint Security is removed from the endpoint. 16 McAfee MVISION Endpoint 1811 Installation Guide

5 Install 5 the software for the first time Contents Install the software using the Software Catalog Install the software manually Deploy the software to managed systems Verify your installation Verify that Windows Defender Antivirus is running Test malware detection Install the software using the Software Catalog You can use the Software Catalog to install, upgrade, and remove the software. If you use Software Catalog to upgrade the software, you don't need to access the McAfee Product Download website to retrieve new MVISION Endpoint software and software updates. 1 In McAfee epo, select Menu Software Software Catalog. 2 Select the checkbox next to MVISION Endpoint. 3 Click Check In All. The MVISION Endpoint extensions and endpoint package are installed on the McAfee epo server. Install the software manually Contents Install the extensions manually Check in the client software package Install the extensions manually You must install the MVISION Endpoint extensions on the McAfee epo server before the product can be managed. The.zip file (MVISION_Endpoint_bundled_ePO_extensions_1811_18.xx.x.xx.zip) contains the extensions required to install MVISION Endpoint successfully. McAfee MVISION Endpoint 1811 Installation Guide 17

5 Install the software for the first time Deploy the software to managed systems 1 From the McAfee epo console, select Menu Software Extensions Install Extension. 2 Browse to select the.zip extension file (MVISION_Endpoint_bundled_ePO_extensions_1811_18.xx.x.xx.zip), then click OK. 3 Verify that the extensions appear in the Extensions list. a b Select McAfee MVISION Endpoint 1811 to view MVISION Endpoint and Quarantine Management extensions. Select epolicy Orchestrator to view Protection Workspace and MVISION Endpoint Updater extensions. Check in the client software package Check in the MVISION Endpoint client package to the Master Repository so that McAfee epo can deploy the software to your managed endpoints. Before you begin Make sure that the MVISION Endpoint client package is in an accessible location on the network. 1 Select Menu Software Master Repository. 2 Click Check in package. 3 Select the package type, then browse to and select the package file. 4 Click Next. 5 Click Save to begin checking in the package, then wait while the package is checked in. The package is checked in and appears in the Master Repository. Deploy the software to managed systems Deploy the MVISION Endpoint software to your Windows 10 endpoints. Before you begin You must install the MVISION Endpoint extensions and check in the MVISION Endpoint package before you deploy the software to managed endpoints. An MVISION Endpoint product deployment task is created automatically when you install MVISION Endpoint. When you assign this task to a system, the latest version of the client package that is checked in to McAfee epo is deployed to that system. 1 Select Menu Client s Client Catalog. 2 From the McAfee Agent navigation tree, select Product Deployment. The MVISION Endpoint client task Deploy MVISION Endpoint appears in the list. 3 Click Assign, then select the system or group where you want to apply the client task. 4 Click OK. 18 McAfee MVISION Endpoint 1811 Installation Guide

Install the software for the first time Verify your installation 5 5 Select the required options in the Client Assignment Builder. a Select Enabled in Schedule status. b Select Schedule type from the drop-down list. 6 Click Save. Verify your installation Use McAfee epo to check that MVISION Endpoint is installed on the endpoint. 1 Log on to McAfee epo. 2 Select Menu Systems System Tree. 3 Select the system you want to check. 4 Click the Products tab. 5 Verify that the version of MVISION Endpoint you installed appears in the list of products and that the status is successful. MVISION Endpoint is deployed to the endpoint successfully. Verify that Windows Defender Antivirus is running After MVISION Endpoint is installed, Windows Defender Antivirus is enabled automatically on the endpoint. 1 Open the Local Group Policy Editor on the endpoint. 2 Select Computer Configuration Administrative Templates Windows Components Windows Defender Antivirus from the policy tree. The Turn off Windows Defender Antivirus policy setting is under the Windows Defender Antivirus folders. 3 Open the Turn off Windows Defender Antivirus policy setting and make sure it's set to Disabled or Not configured. Test malware detection Check that MVISION Endpoint reports threat detections. Before you begin Enforce MVISION Endpoint default policies on endpoints. 1 Connect to the endpoint where MVISION Endpoint is deployed. 2 Navigate to http://www.eicar.org/. McAfee MVISION Endpoint 1811 Installation Guide 19

5 Install the software for the first time Test malware detection 3 Find the EICAR (European Institute for Computer anti-virus Research) Sample Virus. a Click Anti-Malware Testfile. b Navigate to The Anti-Malware Testfile section. c Copy the sample, which begins with X50. 4 Use Windows notepad to save the EICAR file to your Windows desktop. 5 Navigate to the McAfee epo dashboard. The Protection Workspace appears. 6 Expand Resolved Threats. 7 Click the Resolved Threats total or the Basic total. 8 Confirm that the sample file is listed as a threat in the activity list. The threat might take several minutes to appear in the Protection Workspace. Windows Defender Antivirus detects the threat. This information is listed under Analyzer. You can click the threat for Threat Details. Testing software detection Make sure that MVISION Endpoint is installed correctly and can communicate with McAfee epo. MVISION Endpoint Real Protect cloud scanning and client scanning must function correctly to ensure endpoints can communicate with the McAfee cloud for detections. For information about how to test MVISION Endpoint detections, see KB90863. 20 McAfee MVISION Endpoint 1811 Installation Guide

6 Upgrade 6 to a new software version Contents Upgrade the software using Software Catalog Upgrade the software manually Upgrade the software using Software Catalog Use the McAfee epo Software Catalog to upgrade the MVISION Endpoint components on the McAfee epo server. 1 In McAfee epo, select Menu Software Software Catalog. 2 Select the checkbox next to MVISION Endpoint. The MVISION Endpoint client package and.zip extension bundle are selected automatically. 3 If an upgrade version is available, Update All appears in the Actions column. Click Update All. 4 Review the information in the Update pane. 5 Click Update to upgrade to the latest available version of MVISION Endpoint. When the upgrade is complete, the MVISION Endpoint Status is Up to date. Upgrade the software manually Install the updated extensions and client package on the McAfee epo server manually to upgrade the MVISION Endpoint software. Before you begin Save the updated files to an accessible location on the network. 1 In McAfee epo, select Menu Software Extensions Install Extension. 2 Browse to select the.zip extension file (MVISION_Endpoint_bundled_ePO_extensions_1811_18.xx.x.xx.zip). The updated extensions appear under Install Package on the Extensions page. Click OK. McAfee MVISION Endpoint 1811 Installation Guide 21

6 Upgrade to a new software version Upgrade the software manually 3 Verify that the updated extensions appear in the Extensions list. a Select McAfee MVISION Endpoint 1811 to view MVISION Endpoint and Quarantine Management extensions. b Select epolicy Orchestrator to view Protection Workspace and MVISION Endpoint Updater extensions. The updated extensions are checked in to the McAfee epo server. 4 Select Menu Software Master Repository. 5 Click Check in package. 6 Select the package type, then browse to and select the package file. 7 Click Next. 8 Review the package information and click Save. The updated client software package is checked in to the McAfee epo server. MVISION Endpoint components are upgraded on the McAfee epo server. When you installed MVISION Endpoint for the first time, a Deploy MVISION Endpoint task was created automatically. When you upgrade MVISION Endpoint, this task deploys the new version of the software, and retains previous settings, including system assignments and scheduling information. 22 McAfee MVISION Endpoint 1811 Installation Guide

7 7 Troubleshooting installation Examine the log files If the software installation or software removal fails, check the log files on the endpoint. 1 Navigate to c:\windows\temp\mcafeelogs. 2 Open the log files: MveInstall.log (processes performed by the installer) MVEUninstall log (processes performed by the uninstaller) These log files are saved as text files and are the primary MVISION Endpoint log files for installing and uninstalling the software. They document each process that the MVISION Endpoint installer or uninstaller performs. 3 Examine the log files and identify the errors that occurred. Starting from the top of the file, you can see the MVISION Endpoint product installer start. The installer then runs preinstall actions and removes incompatible products. For each process, you can see the command line, registry entries, and return codes. McAfee MVISION Endpoint 1811 Installation Guide 23

7 Troubleshooting installation Examine the log files 24 McAfee MVISION Endpoint 1811 Installation Guide

8 8 Remove the software Contents Remove the software from the endpoint Remove the software from McAfee epo Remove the extensions from McAfee epo Remove the software from the endpoint Use McAfee epo to uninstall MVISION Endpoint from managed endpoints. Create a task in McAfee epo to uninstall MVISION Endpoint. 1 Select Menu Client s Client Catalog. 2 From the McAfee Agent navigation tree, select Product Deployment. 3 Click New and select Product Deployment from the Types drop-down list. a Complete the Name and Description fields. Windows is automatically selected as the target platform. b c d From the Products and components drop-down list, select MVISION Endpoint 18.11.x.xx. From the Action drop-down, select Remove. Click Save. The new task appears in the Product Deployment list. 4 Click Assign, then select the system or group of systems where you want to apply the client task. 5 Click OK. 6 Select the required options in Client Assignment Builder and click Save. 7 Check the Windows 10 Control Panel on the endpoint to verify that the product is removed from the endpoint. McAfee MVISION Endpoint 1811 Installation Guide 25

8 Remove the software Remove the software from McAfee epo Remove the software from McAfee epo Remove the MVISION Endpoint software package from the McAfee epo server. 1 Log on to the McAfee epo server as an administrator. 2 Select Menu Software Master Repository. The Master Repository page displays the list of software packages and their details. 3 Select the software and click Actions Delete Package. The software is removed from the McAfee epo server. Remove the extensions from McAfee epo Remove MVISION Endpoint and Protection Workspace extensions from the McAfee epo server. 1 Log on to the McAfee epo server as an administrator. 2 Select Menu Software Extensions. Click MVISION Endpoint to view MVISION Endpoint and Quarantine Management extensions. Click epolicy Orchestrator to view Protection Workspace extensions. The Extensions page appears with the extension name and version details. 3 Click Remove next to the extensions you want to remove. 4 When prompted to confirm, click OK. 26 McAfee MVISION Endpoint 1811 Installation Guide

0-00

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback