cancel
Showing results for 
Search instead for 
Did you mean: 
ebtrey
Level 7
Report Inappropriate Content
Message 1 of 5

Deep Command replacement

 

Does anyone know of any alternatives to Deep Command?  We are doing an massive deployment to Win 10 systems that are going to be encrypted; the issue is that encryption finishes before the patches are applied and after the systems are rebooted , they then sit at the encrypted login screen thus holding up the build process.  Has anyone run into this issue before and if so what was the solution? I think that I could enable an auto login via policy for encryption (I'll have to check, I don't have the policy in front of me) but I am not a fan of this as a solution.  Does anyone know if there are any other network aware solutions?

4 Replies
Highlighted
McAfee Employee jhall2
McAfee Employee
Report Inappropriate Content
Message 2 of 5

Re: Deep Command replacement

There is another option called Temporary autoboot. When the option in the policy is enabled and the EXE is run on the system, it allows to system to autoboot X number of times or for a specific amount of time. The EXE can be found in the product download package.

ebtrey
Level 7
Report Inappropriate Content
Message 3 of 5

Re: Deep Command replacement

Thank you.

Re: Deep Command replacement

The temp autoboot helps as a temporary solution for sure, but it doesn't address the issue of if there will be a replacement for Deep Command. 

I was about 90% completed with installing Deep Command in my environment. My team was excited to start using it. Then McAfee announced the product was being discontinued and will become end of life. This forced me to roll back all the installs. So now I am still left without a location aware bypass solution.

The great benefit of having the out of band management with deep command was the ability to NOT have a PBA environment stopping systems from loading to windows while on network. This made it much easier to patch encrypted systems while they are on network. IF a system went off network, we liked that it would force you to use the PBA environment before you could get to Windows. 

Will this "Location Aware" ability ever come back? If not, then I think we are going to be looking for other products that have this ability. 

Reliable Contributor SCtbe
Reliable Contributor
Report Inappropriate Content
Message 5 of 5

Re: Deep Command replacement

Well, location awarnes in conjuction with PBA precence could be controlled by an play of computer properties (IP reported), tags assined and policy assigmnet rules.

However this approach will have sort of inertia and cohesion in policy enforcment. That may result in security holes.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community