This is a patch season for your MEG appliance. We had MEG 7.5.1 (patch 1 for MEG 7.5) posted to our download site on October 14, 2013. Currently MEG 7.0.4 (patch 4 for MEG 7.0) is underway and expected to be released within a couple of weeks. This week I'd like to introduce a special consideration which you'll need to be careful when installing patch to your MEG appliance that is managed by ePO.
You can install the MEG patch from System, Component Management, Package Installer, Update From File. Before you install the MEG patch to an Appliance that is managed by ePO, you must disable ePO management and update the Extensions on your ePO server. Otherwise, you may encounter unexpected behavior on your Appliance (for example, the management console becomes unavailable).
The reason why we need to follow the process is to avoid mismatch in ePO extension and appliance configuration file structure between MEG appliance and ePO server. MEG appliance holds its configuration as XML files in the backend. MEG patch may add and/or change the structure and/or value of the XML configuration files in order to introduce enhancement and/or fix. MEG patch may contain updated ePO extensions that is aligned to the enhancement/fix. If XML file structure and ePO extension are not updated in sync among MEG appliance and ePO server, ePO would push configuration to the MEG appliance with wrong format and/or value, which could result in various unexpected behavior.
The process for installing MEG patch to ePO managed MEG appliance is outlined below:
Disable ePO management on the appliance.
Install the MEG patch.
Update the ePO extension for your ePO server.
Export the appliance configuration and import it in the ePO policy catalog.
Re-enable ePO management on the appliance.
We prepared KB79376 for the details of this process. Patch release notes for MEG 7.5.1, MEG 7.0.4, and their successors will have a hyperlink to KB79376 and explicitly warn. Please see KB79376 before installing patch to your MEG appliance that is managed by ePO.
Please also see KB79376 if you happened to install MEG patch to your ePO managed MEG appliances, which resulted in your MEG appliance console/dashboard being unresponsive. Then contact McAfee to arrange a remote session to resolve the issue accordingly.