cancel
Showing results for 
Search instead for 
Did you mean: 
hbss_admin
Level 9

Fresh install of HIPS agent hoses Nic teaming configuration

We need to deploy new HIPS agents to servers that have a NIC teaming configuration. Luckily we tested in a lab first because it messed up the configuration of the NIC teaming.

Is there a KB article or some McAfee documentation somewhere that describes the best way to install HIPS on servers with these configurations?

HIPS 7.0.0.1102

ePO 4.0 Patch 6

the NIC cards are broadcomm based

Thanks

PG

0 Kudos
8 Replies
McAfee Employee

Re: Fresh install of HIPS agent hoses Nic teaming configuration

To ensure the Host IPS NDIS drivers installed successfully, I would recommend:

a) upgrading the NIC drivers and software to the latest version from the hardware vendor,

b) disable any NIC teaming. 

It may install without doing either of these, but these are some common causes.

Also, specifically for Broadcom NIC teaming, see:

KB66104 - Issue with teamed Broadcom Network Interface Cards on servers running McAfee Host Intrusion Prevention 7.0

0 Kudos
hbss_admin
Level 9

Re: Fresh install of HIPS agent hoses Nic teaming configuration

Kary - thanks for such a quick reply.

We have to deploy the agent to about 500 production servers, most with NIC teaming, and that would take a heck of a lot of man-hours in labor to implement. Do you have a more streamlined method of making this happen?

One other related thing. We do have existing HIPS agents on a number of servers. Does updating the HIPS agent go easier than fresh HIPS installs do?

PG

0 Kudos
McAfee Employee

Re: Fresh install of HIPS agent hoses Nic teaming configuration

1. You could deploy to the systems without performing these steps, and then just fix the ones that don't work (lose network connectivity)

or

2. Follow these suggestions to make sure that the Host IPS install does not cause a server network outage (which is usually what happens when NDIS fails to install)

Fresh installs or updating the Host IPS build with patches performs the same NDIS installation method, so it's a good idea to disable NIC teaming before applying patches.

0 Kudos
hbss_admin
Level 9

Re: Fresh install of HIPS agent hoses Nic teaming configuration

You're forgetting the 3rd option - customers decide to switch to a diffferent product because there's too much hassle with this one.

We have hundreds of servers spread geographically around the country in every state, most of them accessed via remote desktop. If the network connectivity goes down making these changes, someone has to go to the console of each and every one of these machines and fix it. On an enterprise network of this size that would be logistically impossible.

I'm sure McAfee has numerous large enterprise customers that have hundreds or thousands or hundreds of thousands of systems. It's hard to believe that they are spending hundreds of hours to just simply update and/or install a new HIPS agent.

0 Kudos
RCurtis
Level 8

Re: Fresh install of HIPS agent hoses Nic teaming configuration

I agree...this is potentially a show stopper for me!

0 Kudos
bgable
Level 11

Re: Fresh install of HIPS agent hoses Nic teaming configuration

KB66104 - Issue with teamed Broadcom Network Interface Cards on servers running McAfee Host Intrusion Prevention 7.0

This referred to a bug in the Broadcom drivers, not McAfee.

The drivers were updated which is why the KB states to upgrade your drivers and teaming software to their latest version.

0 Kudos
hbss_admin
Level 9

Re: Fresh install of HIPS agent hoses Nic teaming configuration

All of the Broadcom NIC drivers and BACS software is up to date.

0 Kudos
StefanT
Level 9

Re: Fresh install of HIPS agent hoses Nic teaming configuration

Has anyone tried HIPS 8 to see if this causes the same issue?

We had exactly the same issue with HIPS 7 and not soley related to Broadcom drivers, we had it with others too.

Not got around to trying HIPS 8 yet and was interested if the same issue occurs?

Stef

0 Kudos