cancel
Showing results for 
Search instead for 
Did you mean: 

Migrating from Legacy McAfee Products to Endpoint Security

 

Top Reasons to Migrate to Endpoint Security

 

 

Better performance

 

  • CPU utilization is 47% better than McAfee legacy endpoint security.
  • Boot time is 16% faster than McAfee legacy endpoint security.
  • New Zero-impact user scans only run when the device is idle and resumes after shutdown or restart.
  • Our DAT file is now 60% smaller than traditional AV DATs.
  • AV-TEST score of 17.5 out of possible 18 (August 2015).
  • First-time scans for McAfee Endpoint Security 10 run more than 30% faster over legacy endpoint security.

 

 

Better threat remediation, intelligence and threat forensics

 

The common architecture allows the modules to work together to provide improved security. For example, when a file gets downloaded, the Web Control module sends a file hash to the Threat Prevention module. The Threat Prevention module triggers an immediate on-demand scan on the file. You can also configure McAfee Global Threat Intelligence sensitivity in McAfee ePolicy Orchestrator® (McAfee ePO) software for these types of scenarios. Based on the results of the scan, the product will take the necessary action. The actions that are taken are summarized in common, easy to read language within ePO with several new insights into the origins, attempted actions and targets of attacks so you can harden your policies and defensive actions.

 

 

Optimized and consolidated legacy products into a new, next generation platform

 

McAfee Endpoint Security 10 introduces a new framework that consolidates and simplifies the technologies you already have while also allowing multiple endpoint defense technologies to communicate in real time to analyze and collaborate against new and advanced threats. Our next generation framework that is ready to plug in our other advanced threat, Endpoint Detection and Response (EDR) solutions.  The ENS 10 framework communicates using the Data Exchange Layer (DXL) Fabric. McAfee Threat Intelligence Exchange also uses DXL and can communicate with ENS 10. This is valuable for customers are interested in purchasing multiple, global threat intelligence feeds and stronger threat detection and response tools. McAfee Active Response can run side by side with ENS 10 further enhancing a customer’s environment

 

The result is a simplified product:

 

  • Technologies once deployed as individual McAfee products, are now consolidated into three Endpoint Security core modules: Threat Prevention, Web Control, and Firewall.
  • Deploy and turn on only the modules you want now and enable the rest whenever you’re ready.
  • The 12 configuration policies in McAfee VirusScan Enterprise are now optimized and replaced with only 5 Threat Prevention policies.
  • Host IPS 8.0 protections are now included within Endpoint Security 10 Threat Prevention, as 'Exploit Prevention' security.
  • Endpoint Security is extensible and designed to build upon. Future security and content can be deployed without requiring point product binary updates.

 

 

Migration tools and options make it easy to make the move

 

The Endpoint Security Migration Assistant tool aids customers in migrating their policies from VSE, HIPS, and SAE to McAfee Endpoint Security 10.

Two migration approaches can be taken:

 

Automatic migration – Customers can create new policies and client tasks automatically, based on current product settings, and assign them to groups and managed systems, based on current assignments.

 

Manual migration – Customers select the settings to migrate and, optionally, edit them. Manual migration does not retain assignments.

 

 

It's a free security upgrade!

 

If you’re an existing customer with one of our Endpoint suites, you’re in. Simply log into McAfee ePO, and McAfee Endpoint Security 10 will be available to you within the Software Manager or you may access it by using your grant number to download the software package to install via McAfee ePO.

 

Customer's with current McAfee product versions, read on for more information on how you can quickly get started.

 

 

Am I Ready for Endpoint Security Now?

 

You can start leveraging next generation security now by upgrading your systems to Endpoint Security 10. Customers who are managing VirusScan 8.8, Host IPS 8.0, or Site Advisor Enterprise with ePO 5.1.1 or 5.3, and McAfee Agent 5.0.3, are ready to upgrade now. Please refer to Knowledge Base article KB87476 - Recommended Upgrade Paths to Endpoint Security 10.x.

 

 

Preparing for Migration to Endpoint Security

 

To streamline the migration process and minimize potential conflicts that may arise, Intel Security recommends that you first review and revise your existing legacy policies and assignments that you plan to migrate. During your review, identify any policies or tasks that you can consolidate to simplify the migration process. Additionally, you should also remove any duplicate objects as well.

 

Be sure to notify other ePO administrators not to make any modifications to the Policy Catalog, Client Task Catalog, or Firewall Catalog during migration. If objects change while the migration is in progress, the new objects will not reflect those changes.

 

 

VIDEO - How to prepare to migrate to McAfee Endpoint Security

 

 

 

 

Endpoint Security Migration Assistant

 

The Endpoint Security Migration Assistant walks you through the migration process. You can let the Migration Assistant migrate all your settings and assignments automatically, based on your current settings and new product defaults, or you can perform the migration manually. The Migration Assistant migrates settings in environments managed with McAfee ePolicy Orchestrator version 5.1.1 or higher.

 

Endpoint Security 10 is an integrated solution for the endpoint; replacing the individual legacy endpoint products of VirusScan Enterprise, Host IPS Firewall, and Site Advisor web filtering.

 

 

ENS_10_5_policy.png

 

 

 

The Endpoint Migration Assistant ensures that the settings in your legacy policies are moved to the correct policies in Endpoint Security. In some cases, they are merged with other Endpoint Security settings, and in others, new default settings are applied to support updated technologies. As a result, some of the legacy policy settings have changed.

 

 

 

VirusScan Entrprise 8.8 Policy Mapping

 

 

Host IPS 8.0 Firewall Policy Mapping

 

 

SiteAdvisor Enterprise 3.5 Policy Mapping

 

Installation of Endpoint Security 10 when existing legacy products are installed

This table describes what happens when Endpoint Security 10 is installed.

         

 


Choosing an Endpoint Assistant Migration Path

 

The Endpoint Migration Assistant allows you to decide which migration path to follow by considering the characteristics of your network or managed systems and your migration goals. Here are some steps to help you decide the best migration path for you.

 

Decide whether you need to migrate at all. Do you want to retain any current settings and assignments for your legacy products?

  • No - Install Endpoint Security 10 without migrating. Follow the instructions in the McAfee Endpoint Security Installation Guide
  • Yes - Use the Migration Assistant to migrate your settings before deploying Endpoint Security 10 to systems. If you do want to migrate your settings, decide whether to migrate automatically or manually.
    • Automatic migration is a "hands-off" process. The Migration Assistant makes all the migration decisions "behind the scenes."
      • It is recommended for:
        • Networks with fewer than 250 managed systems.
        • Customers who use default policy settings or a minimum number of custom policies.
        • Migrating the Host IPS Catalog.
      • Benefits
        • Requires minimal input from you
        • Migrates all the settings for each supported product. All of your policies and client tasks are migrated at the same time
        • Retains policy and client task assignments
        • Migrates the Host IPS Catalog
      • Cautions
        • You can't select specific policies or client tasks to migrate
        • You can't edit policies or client tasks
        • Does not migrate unassigned policies
      • Click here for the Automatic Migration Guide

 

    • Manual migration is a "hands-on" process. You make most of the migration decisions by selecting the objects to migrate and editing their settings, if needed.
      • It is recommended for:
        • Networks with more than 250 managed systems
        • Customers who use multiple custom policies.
        • Customers who want to fine-tune existing policy settings during the migration process.
        • Customers who want to fine-tune assignments.
        • Customers who want to personally supervise and approve each step of the migration process.
      • Benefits
        • Lets you select each policy and client task to migrate
        • Lets you edit the settings for each policy or client task to migrate
      • Cautions
        • Requires more input from you
        • Does not retain assignments. You need to assign policies and client tasks to managed systems
        • Does not migrate the Host IPS Catalog
      • Click here for the Manual Migration Guide

 

 

VIDEO - McAfee Endpoint Upgrade Assistant

 

Additional Resources

 

Documentation--

McAfee Endpoint Security 10.5 Product Guide

McAfee Endpoint Security 10.5 Installation Guide

McAfee Endpoint Security 10.5 Migration Guide

McAfee Endpoint Security 10.5 Release Notes

 

McAfee Endpoint Security 10.1 for Mac Product Guide

McAfee Endpoint Security for Mac - Threat Prevention 10.1.0 Product Guide

McAfee Endpoint Security for Mac — Threat Prevention 10.1.1 Release Notes

 

 
Knowledge Base--

KB87476 - Recommended Upgrade Paths to Endpoint Security 10.x

KB87328 - Supported upgrade paths for McAfee Agent, VirusScan Enterprise, and Host Intrusion Prevent...

KB86704 - FAQ's for McAfee Endpoint Security

KB88288 - Endpoint Security Quickstart Tasks

KB82761 - Supported platforms, environments, and operating systems for Endpoint Security

KB82450 - Endpoint Security 10.x Known Issues

KB84934 - Supported platforms, environments, and operating systems for Endpoint Security for Mac

KB85855 - Endpoint Security for Mac 10.x Known Issues

 

 

Communities--

Intel Security Expert Center

McAfee Endpoint Security

Endpoint Security 10 Community Forum

Tags (2)
Contributors
Version history
Revision #:
4 of 4
Last update:
‎02-01-2018 03:12 PM
Updated by: