cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 1 of 6

AmCore Content not updating on ePO Managed server and some workstations

Jump to solution

We have a Windows 2012 server, that is a file server, which is reporting that it is not updating to the latest ENS Amcore Content. The ENS running on this system is ENS Threat Prevention 10.7.0 February Update with ePO Agent 5.6.4.

Last week, I had another server do the same thing. When trying to force the Amcore update locally it would say that it failed. Decided on this non-critical server that it was OK to reboot. This fixed the issue as after the update it succeeded in updating the Amcore content.

The other server we have is more critical so want to try to avoid rebooting it. Is there something that we can do. I know that I push a policy to disable self protection for the ePO agent and ENS but how can I restart the McAfee services remotely from the ePO server so as to avoid a server reboot?

Is it possible to use EEDK to push a script to restart the services and if so does anyone have a example script. 

I have tried re-deploying the agent but the task will fail. 

1 Solution

Accepted Solutions
Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 6

Re: AmCore Content not updating on ePO Managed server and some workstations

Jump to solution

The server admin said that the ENS console wouldn't open. We decided to schedule a reboot and run the Endpoint removal tool to strip the McAfee software. After a reboot and reinstall the software is now updating the Amcore content daily. 

View solution in original post

5 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: AmCore Content not updating on ePO Managed server and some workstations

Jump to solution

Hi @twenden ,

Thank you for reaching us on teams.

As you have mentioned "forced the Amcore update locally ", I believe you have downloaded the DAT from https://www.mcafee.com/enterprise/en-us/downloads/security-updates.html and ran it.

If this fails, The issue with not with the Agent and there is no point in redeploying the Agent.

May i know when was the ENS 10.7 installed ? and was there any other version of ENS before ? 

Also let us know the current AMcore version that is installed on the machines.

 

Thank you.

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 6

Re: AmCore Content not updating on ePO Managed server and some workstations

Jump to solution

No we have not tried to install the Amcore locally. Don't have a logon to this server so will need to try to get eh system admin to try locally. The ENS 10.7 was installed sometime around December and was an upgrade from ENS 10.6.1. It reports the current Amcore content version as 4038 which is about 3 days old. 

 

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 4 of 6

Re: AmCore Content not updating on ePO Managed server and some workstations

Jump to solution

Have tried to push a policy to the server to disable self protection. That way we can try to get the server admin to restart the services. He wants to avoid a server reboot. He is reporting that he can't restart the McAfee services as they are grayed out. Any suggestions?

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 5 of 6

Re: AmCore Content not updating on ePO Managed server and some workstations

Jump to solution

The server admin said that the ENS console wouldn't open. We decided to schedule a reboot and run the Endpoint removal tool to strip the McAfee software. After a reboot and reinstall the software is now updating the Amcore content daily. 

View solution in original post

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 6 of 6

Re: AmCore Content not updating on ePO Managed server and some workstations

Jump to solution

I can only guess and often an unknown problem if your server did not have full wan access/Proxy. (Which would be normal?)

Check that the Server can REACH the WAN (Internet) Certificate Revocation Lists.

This is most of the times a SEPARATE protocol category on Fortigate Firewall as example.

What you DID was maybe a workaround BUT in detail not the fully solution. If you have have such a problem on 200 server you will have to solve it.

The example is from a W10 client setup Deployment but goes into same category:

http://www.butsch.ch/post/Missing-entry-in-Fortigate-Application-Filter-ROOTCERTIFICATEURL-and-OCSP-...

 

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community