disable McAfee Threat Prevention during Windows Upgrade
Is it possible to disable McAfee TP via command line? I'm in the planning process of doing in-place upgrades of our windows machines to 20H2 via SCCM, and would like to include a step to disable threat prevention. I would like to avoid uninstalling McAfee.
I am afraid we do not have a CLI based command set for turning ON and OFF your AV. However, you can use the ESConfig tool via command line to import a disabled policy for On Access Scan and other Threat Prevention features locally and then enforce the policy from ePO post Windows upgrade.
While this could involve an initial setup with required policy export and also a change in existing Access protection policy, You can read further on the use of this tool here:
Having said that, ENS is not designed to stop Windows upgrade unless it is not compatible with the version of Windows you are upgrading to - we would recommend upgrading ENS first in these scenarios as disabling AV would still not help us here.
Also, you can keep SCCM related processes defined as "Low-Risk" process to avoid performance impact as well. Vendor recommendations to follow is as below I believe (please verify with vendor):
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.