McAfee epolicy Orchestrator Release Notes

Similar documents
McAfee epolicy Orchestrator Release Notes

McAfee Security for Microsoft Exchange Hotfix Release Notes

McAfee epolicy Orchestrator 5.x

McAfee epolicy Orchestrator Update 2

McAfee VirusScan and McAfee epolicy Orchestrator Administration Course

McAfee Security for Microsoft SharePoint Hotfix

McAfee Content Security Reporter Release Notes. (McAfee epolicy Orchestrator)

Mcafee epo. Number: MA0-100 Passing Score: 800 Time Limit: 120 min File Version: 1.0

Product Guide. McAfee Endpoint Upgrade Assistant 1.4.0

Network Security Platform 8.1

McAfee Network Security Platform 8.1

Endpoint Intelligence Agent 2.2.0

McAfee Endpoint Security

Release Notes McAfee Change Control 8.0.0

McAfee Endpoint Upgrade Assistant 1.5.0

Network Security Platform 8.1

Network Security Platform 8.1

McAfee Client Proxy Product Guide

McAfee Endpoint Security

Release Notes McAfee Change Control 7.0.0

McAfee Network Security Platform 9.1

Product Guide. McAfee Endpoint Upgrade Assistant 1.5.0

Release Notes McAfee Application Control 6.1.2

McAfee Red and Greyscale

McAfee Network Security Platform 9.1

McAfee Policy Auditor Installation Guide

McAfee Data Loss Prevention Endpoint

Resolution: The DataChannel servlet no longer stops working, regardless of the state of the DataChannel extension.

Network Security Platform 8.1

es T tpassport Q&A * K I J G T 3 W C N K V [ $ G V V G T 5 G T X K E G =K ULLKX LXKK [VJGZK YKX\OIK LUX UTK _KGX *VVR YYY VGUVRCUURQTV EQO

McAfee Content Security Reporter 2.6.x Migration Guide

McAfee Data Protection for Cloud 1.0.1

Migration Guide. McAfee Content Security Reporter 2.4.0

McAfee Network Security Platform 9.1

NGFW Security Management Center

McAfee Drive Encryption Administration Course

McAfee Application Control/ McAfee Change Control Administration

NGFW Security Management Center

Product Guide. McAfee Performance Optimizer 2.2.0

Release Notes McAfee Application Control 6.1.0

McAfee Host Intrusion Prevention Administration Course

McAfee Network Security Platform

MA0-100.exam.83q MA0-100 McAfee Certified Product Specialist-ePO

McAfee Endpoint Upgrade Assistant Product Guide. (McAfee epolicy Orchestrator 5.9.0)

McAfee Performance Optimizer 2.1.0

McAfee Endpoint Security Threat Prevention Installation Guide - Linux

McAfee Security-as-a-Service

McAfee Firewall Enterprise epolicy Orchestrator Extension

McAfee Network Security Platform 9.2

Clearspan Hosted Thin Call Center R Release Notes JANUARY 2019 RELEASE NOTES

Network Security Platform 8.1

McAfee Gateway Appliance Patch 7.5.3

McAfee Network Security Platform 8.3

McAfee Agent Interface Reference Guide. (McAfee epolicy Orchestrator Cloud)

McAfee Network Security Platform 8.1

McAfee Network Security Platform 8.3

McAfee Endpoint Upgrade Assistant Product Guide. (McAfee epolicy Orchestrator)

POC Installation Guide for McAfee EEFF v4.2.x using McAfee epo 4.6 and epo New Deployments Only Windows Deployment

McAfee Application Control Windows Installation Guide. (McAfee epolicy Orchestrator)

Deploying the hybrid solution

Interface Reference. McAfee Application Control Windows Interface Reference Guide. Add Installer page. (McAfee epolicy Orchestrator)

McAfee File and Removable Media Protection Installation Guide

McAfee MVISION Endpoint 1808 Installation Guide

McAfee Management for Optimized Virtual Environments AntiVirus 4.5.0

McAfee MVISION Endpoint 1811 Installation Guide

NGFW Security Management Center

McAfee Firewall Enterprise and 8.3.x

NGFW Security Management Center

McAfee Data Loss Prevention 9.2.2

McAfee Exam MA0-100 McAfee Certified Product Specialist-ePO Version: 7.0 [ Total Questions: 157 ]

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3

McAfee File and Removable Media Protection 6.0.0

McAfee File and Removable Media Protection Product Guide

Product Guide Revision B. McAfee Cloud Workload Security 5.0.0

NGFW Security Management Center

Product overview. McAfee Web Protection Hybrid Integration Guide. Overview

Data Loss Prevention Endpoint

Reference Guide Revision B. McAfee Cloud Workload Security 5.0.0

Client Proxy interface reference

McAfee Application Control Linux Product Guide. (McAfee epolicy Orchestrator)

McAfee Cloud Workload Security Product Guide

Network Security Platform 8.1

McAfee Data Loss Prevention Prevent 11.1.x Release Notes

McAfee Endpoint Security Migration Guide. (McAfee epolicy Orchestrator)

McAfee Endpoint Security Threat Prevention Installation Guide - macos

Migration Guide. McAfee File and Removable Media Protection 5.0.0

Network Security Platform 8.1

McAfee Enterprise Security Manager 10.3.x Release Notes

Network Security Platform 8.1

McAfee Network Security Platform 8.3

============================================================

Reference Guide. McAfee Security for Microsoft Exchange 8.6.0

McAfee Network Security Platform 9.1

Client Proxy interface reference

McAfee Network Security Platform 8.3

Product Guide Revision A. McAfee Client Proxy 2.3.2

McAfee Network Security Platform 8.3

Boot Attestation Service 3.0.0

McAfee Data Loss Prevention Endpoint 10.0

Transcription:

McAfee epolicy Orchestrator 5.9.1 Release Notes Contents About this release What's new Resolved issues Known issues Installation information Getting product information by email Where to find product documentation About this release This document contains important information about the current release. We recommend that you read the whole document. Release build 5.9.1 Purpose This release adds enhancements and fixes problems that were reported in the previous version. Rating Mandatory Mandatory Critical High Priority Recommended Required for all environments. Failure to apply Mandatory updates might result in a security breach. Mandatory patches and hotfixes resolve vulnerabilities that might affect product functionality and compromise security. You must apply these updates to maintain a viable and supported product. 1

For more information, see KB51560. Upgrade paths At the time of the current release, you can upgrade these versions to McAfee epolicy Orchestrator (McAfee epo ) 5.9.1: McAfee epo 5.1.3 McAfee epo 5.3.3 McAfee epo 5.3.1 McAfee epo 5.9.0 McAfee epo 5.3.2 For information about supported upgrade paths for McAfee epo, see KB86693. Updated components The current release upgrades these components. Apache Http Server 2.4.28 Apache Tomcat 7.0.82 Java Runtime 1.8.0_152 OpenSSL 1.0.2l Supported platforms The current release is compatible with these platforms. Operating System and Agent Handler Support Windows 2008 R2 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Database Microsoft SQL Server and SQL Express Edition 2008 SP1 Microsoft SQL Server and SQL Express Edition 2008 R2 Microsoft SQL Server and SQL Express Edition 2012 Microsoft SQL Server and SQL Express Edition 2014 Microsoft SQL Server and SQL Express Edition 2016 Browser Support Internet Explorer 8.0 or later (including full support for compatibility mode) Firefox 24.0 or later Chrome 30.0 or later Safari 7.0 or later Microsoft Edge (Spartan browser) This version of McAfee epo requires enabling TLS 1.1 or 1.2 support on your browser. 2

For information about supported platforms, environments, and operating systems for McAfee epo, see KB51569. What's new The current release of the product includes these enhancements and changes. Replaced Oracle Java Runtime Environment with Azul Zulu JRE The current release replaces the Oracle Java Runtime Environment with the Azul Zulu JRE in McAfee epo. Removed SQL Express from McAfee epo installer The McAfee epo installer no longer provides the option to install SQL Express. SQL Express can still be used with McAfee epo, but it must be installed separately. Interface changes to Software Manager This graphic shows the changes to the Software Manager interface. Added License Key, Edit link At the bottom of the Product Categories tree, next to License Key, click Edit to navigate to the Edit License Key page. There you can edit and save your software license key. The actions that previously appeared in the component description are moved to blue bar above the component list table. Interface changes to Product Deployment This graphic shows the changes to the New Deployment interface. 3

Choose the type of deployment These configuration settings were removed and the setting is now configured automatically. In Select your software, the + and were replaced with the + Add another package link at the bottom of the section. In Select the systems, Select Individual Systems, and Select by Tag or Group to display options for selecting systems. 4

Select Deployment was added and includes: Auto Update Previously part of Choose the type of deployment. Allow end users to postpone this deployment (Windows only) Previously part of Select the systems. Maximum number of postponements allowed Previously part of Select the systems. Option to postpone expires after (seconds) Previously part of Select the systems. Display this text Previously part of Select the systems. Reworded option Select a start time to Start time. Interface changes to Dashboards This graphic shows the changes to the Dashboards interface. A bell icon appears in the title bar, next to Log Off. A red icon indicates that software updates are available to download. By default, the icon is grey. Click the icon and the Software Manager page opens. Hover over the bell icon to show the software update status. Database Flattened the database views The current release has reduced the number of database tables. Resolved issues The current release of the product resolves these issues. For a list of issues fixed in earlier releases, see the Release Notes for the specific release. 5

Security fixes 1176825 This release addresses several cross-site scripting (XSS) vulnerabilities. 1179499 This release updates the RSA SSL-J and Crypto-J libraries. 1192218 This release updates Apache Http Server to 2.4.27. 1193405 This release signs files with an SHA-2 certificate. 1196591 This release updates OpenSSL to 1.0.2k to address several vulnerabilities. See McAfee SB10197, epolicy Orchestrator is vulnerable to Sweet32 vulnerability (CVE-2016-2183), for details. 1210887 This release adds TLS 1.2 support for McAfee epo outbound connections. 1212417 This release addresses a CVE-2007-6750 vulnerability. 1213891 Windows Authentication now correctly functions after disabling SMBv1. Client and server tasks 1147067 When a client task is created or edited by a user who does not have administrator rights, the Owner group is no longer incorrectly set to Administrators. 1182958 You can now run an external command as a server task action without the next action starting before the command completes. 1190211 Server tasks configured to run client tasks on the results of a query are no longer categorized as failed if the query returns no results. 1198430 When multiple McAfee epo servers are registered with policy sharing enabled, the Synchronize Shared Policies server task now continues to execute if it can't connect to a registered server. 1209063 Client tasks no longer inherit settings from the My Organization level when inheritance was broken at a lower group. 1209066 In some cases, saving a policy causes the McAfee epo console to become unresponsive for 15 or more minutes. This release resolves this issue. 1211700 The randomization setting in the sub-action under the Wakeup Agent, Run Client Task Now, and Client Task Assignment server tasks is now enforced correctly. 1211789 Opening a client task no longer takes an unusually long time. 1212397 If you try to create a client task with a name that is already used, you're notified and the Save button is disabled. Database 1185912 The McAfee epo console is no longer slow to edit or save certain custom queries due to inadequate indexing on the EPOServerEventsMT table in the database. 1195177 When an Active Directory synchronization task syncs with a large number of systems, the McAfee epo server can reach a MAX connection state, rejecting new agent-server communication requests until the task is complete. This release resolves this issue. 1210653 You can now successfully convert Universal Time Coordinated (UTC) to Eastern Standard Time (EST). 1211146 If the SQL Server is running long transactions, the SQL TempDB can grow in size, eventually running out of space and causing the data channel tables in the database to grow. This release resolves this issue. 6

Policy, tag, and key management 1154375 When using the Firefox browser, McAfee epo now opens the Edit Assignment page when you save a policy assignment on a single endpoint. 1179253 In the Tag Catalog, tags are now successfully applied after creating a tag. 1196882 Text strings are now correctly displayed in the Policy Comparison page. 1202501 An Active Directory synchronization no longer creates duplicate entries if the system is in the System Tree and Leave systems in their current location is selected. 1203516 Tags set to apply on every agent-server communication based on IP are now properly applied. 1206256 Tags with double-byte characters are now successfully applied to endpoints. 1207218 Policy owner information in Broken Inheritance is now correctly displayed. 1209077 Applying a tag using the Contain pattern comparison no longer generates the error S-Expression in tag ID x did not match. Queries and reports 1175417 Running a query as a non-administrator no longer generates the error message An error occurred while retrieving the requested data. 1193656 Duplicate query entries now include the correct query name. 1187446 Queries that run in the McAfee epo console no longer hang and always return results. 1199459 The product version is now correctly displayed after the Bar Chart query runs and returns the results. 1205176 On the System Details page, the installed McAfee Agent version now appears, instead of EPOAGENT. 1206036 On the Actions tab of the Server Task Builder, if the query Agent Uninstalls Attempted in the Last 7 Days is preselected, the Sub-Actions option is now enabled. 1208404 When exporting data from some queries and reports to XML, the XML file no longer contains redundant carriage return, line feed (CRLF). 1213873 The Pie Chart query now correctly runs in a standalone query. 1216109 On the System Details page, DAT-Version (VirusScan Enterprise) is now correctly displayed. System Tree 1156776 During an Active Directory synchronization, excluded containers are no longer added to the System Tree. 1160948 Duplicate systems no longer frequently appear in the System Tree. 1164286 Selecting System Tree Select a machine Action Show Client Events no longer generates the error The requested resource was not found. 1166161 All systems are now visible when you test sorting in the System Tree with sorting disabled or enabled. 1192912 Custom property fields now remain visible after entering a new value. 1198853 When Active Directory synchronization runs, some systems are no longer populated to unexpected locations in the System Tree. 7

1209069 System Tree path now provides the correct result of the Applied Client Task query. 1218697 The System Tree now moves systems to the correct folder with sorting disabled. Upgrades and installation 1181912 Permission sets with Global Reviewer permissions no longer change after upgrading from 5.3.3 to 5.9.0. 1184484 The McAfee Agent installation path is now correctly displayed as Program Files\McAfee\Agent if you're logged on in French. 1190740 The McAfee Agent 5.x default installation path is now correctly displayed as Program Files\McAfee \Agent instead of Program Files\McAfee\Common Framework. 1197173 Upgrades no longer fail because a SQL Server user is no longer required to have system administrator rights. 1217643 In some cases, combinations of 1024 certificates and cipher suite lists caused failed connections, resulting in upgrade issues. This release resolves this issue. User interface 1186589 Translated migration text now consistently appears in the Root Certificate section in the Certificate Manager. 1192234 In the Tag Catalog Preview page, the option Reset X manually tagged and excluded systems is now grayed out if you create a tag with no criteria, manually create a computer object, and assign the tag to the computer. 1196845 The title Create New Task in the pop-up window is now translated and displayed correctly. 1211077 A space is no longer missing between continuous and deployment on the New Deployment page. 1211766 In the System Tree, Threat Events in the Last 2 Weeks now appears in the correct size. Miscellaneous 1165844 Reviewers are no longer given Global Administrator permissions after upgrading from 4.6.x to 5.1.x, or after exporting permissions from 4.6.x to 5.1.x. 1165876 An Apache out-of-memory condition no longer causes a failure to process data channel requests that resulted in agent-server communication failures with Connection refused and Server busy error messages. 1182940 This release replaces Oracle Java Runtime Environment with Azul Zulu JRE. 1186330 The McAfee epo Application Server (Tomcat) no longer crashes when an Active Directory synchronization task runs and the task is unable to connect to the LDAP server. 1190396 From McAfee Endpoint Security, Automatic Response emails containing the {threatactiontaken} variable now return the correct value. 1196946 If you remove a server task, it no longer stays in the Task Queue in the database, resulting in the process trying to validate the deleted server task every minute. 1203183 The Run at every policy enforcement (Windows only) option is no longer available. This feature was deprecated in McAfee Agent 5.0. 8

1204151 The McAfee epo Application Server (Tomcat) no longer crashes when replicating to distributed repositories due to Java heap corruption. 1209055 Checking in an Extra.DAT file no longer generates data truncation errors in the Orion Log. 1209343 Creating an Automatic Response with multiple groups using the Defined at filter, and adding two groups with an Or operator, no longer generates the error message Can't continue editing this response since it has been put into an invalid state. Click OK to return to the responses page. 1209946 Custom properties are now always removed from McAfee epo when they are removed from an endpoint. 1210469 A user with Global Reviewer permissions can now view Client Event details. 1219115 This release resolves an Agent Handler issue where a null pointer error can lead to an Apache out-of-memory condition, resulting in agent-server communication failure until Apache restarts. Known issues For a list of known issues in this product release, see this McAfee KnowledgeBase article: KB87673. Installation information The current release of the product has specific installation requirements and best practices. For information about installing or upgrading epolicy Orchestrator software, see the McAfee epolicy Orchestrator Installation Guide. Best practice: Run the Pre-Installation Auditor Before you upgrade McAfee epo, run the McAfee epo Pre-Installation Auditor to reduce or prevent upgrade issues. Running the auditor automates many of the verification tasks included in the upgrade process. Task 1 Download the McAfee epo Pre-Installation Auditor from the McAfee epo Downloads page: secure.mcafee.com/apps/downloads/my-products/login.aspx 2 Double-click epip.exe to start the auditor, then follow the prompts. For more information, see the McAfee epo Pre-Installation Auditor Release Notes. Upgrade McAfee epo in a Windows cluster If you are upgrading McAfee epo in a Windows cluster, you must delete the certificates from your quorum disk. Deleting the certificates prevents service startup failures in a failover situation (see tracking issue 1213758). Delete these files in <EPO>\Apache2\conf\ssl.crt: 9

ahcert.crt ahpriv.key mfscabundler.cer Requirements for installation or upgrade if using SSL connection to SQL Server Your installation or upgrade might fail if you use an SSL connection between your McAfee epo 5.9.1 server and your SQL database. This release of McAfee epo updated the RSA libraries that have additional security requirements for communication with the database. To meet the new compatibility requirements, install all available Windows updates on your McAfee epo server and the SQL Server before starting the installation or upgrade. For more information, see KB87731. Enable TLS 1.1 or 1.2 on your browser This version of McAfee epo 5.9.1 requires enabling TLS 1.1 or 1.2 support on your browser. To provide additional security for the communications between your web browser and your McAfee epo server, you must enable TLS 1.1 or 1.2 support on your browser. See the documentation for your browser to enable TLS 1.1 or 1.2 support. Getting product information by email The Support Notification Service (SNS) delivers valuable product news, alerts, and best practices to help you increase the functionality and protection capabilities of your McAfee products. To receive SNS email notices, go to the SNS Subscription Center at https://sns.secure.mcafee.com/signup_login to register and select your product information options. Where to find product documentation Go to docs.mcafee.com to find the product documentation for this product. Go to support.mcafee.com to find supporting content on released products, including technical articles. Copyright 2018 McAfee, LLC McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others. 0-00

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback