cancel
Showing results for 
Search instead for 
Did you mean: 
hbss_admin
Level 9

How to install HIPS agent to clustered servers

Jump to solution

Is there a documented method of installing HIPS on clustered servers, either a MS-SQL clusters or MS Exchange clusters?

Thanks in advance,

PG

0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: How to install HIPS agent to clustered servers

Jump to solution

Yes, that would be correct.

0 Kudos
10 Replies
McAfee Employee

Re: How to install HIPS agent to clustered servers

Jump to solution

The Host IPS product is not cluster-aware, but just follow the same installation instructions as documented in the Host IPS Installation guide.  Install the software on each physical node of the cluster.

0 Kudos
hbss_admin
Level 9

Re: How to install HIPS agent to clustered servers

Jump to solution

I'd been warned by someone high up in DISA that installing HIPS agents on clusters was tricky. Are you saying it's just like installing it on any other system?

0 Kudos
McAfee Employee

Re: How to install HIPS agent to clustered servers

Jump to solution

The installation of the Host IPS software on servers that are clustered is no different that non-clustered servers or workstations.  The installation (execution of the McAfeeHIP_ClientSetup.exe) is the same for any Windows-based system.

KB58954 - Host Intrusion Prevention 7.0 Server is not cluster environment aware

Now, you do have to be aware that when installing the Host IPS 7.0 product on a system, it will tear down the network stack to install the NDIS drivers.  This network loss might cause the cluster to perform a failover.  Perform the install during a maintanence window to avoid any non-scheduled outages.  That may be what you're referring to. But the installation of the HIPS software itself is no different on physical nodes of a cluster.

0 Kudos
hbss_admin
Level 9

Re: How to install HIPS agent to clustered servers

Jump to solution

Is there any recommended order to installing; i.e. install to passive first, failover to passive; then install to other system?

0 Kudos
McAfee Employee

Re: How to install HIPS agent to clustered servers

Jump to solution

Yes, that would be correct.

0 Kudos
hbss_admin
Level 9

Re: How to install HIPS agent to clustered servers

Jump to solution

Thanks!

0 Kudos
hbss_admin
Level 9

Re: How to install HIPS agent to clustered servers

Jump to solution

Just a quick follow up question that came to mind this morning, Kary. You said "(execution of the McAfeeHIP_ClientSetup.exe)" which seems to imply manually running installing HIPS (as opposed to using a client task?).

Is there any problem using an ePO client task to install to the passive node first, then a client task again for the remaining node?

0 Kudos
McAfee Employee

Re: How to install HIPS agent to clustered servers

Jump to solution

Deploying via ePO executes the McAfeeHIP_ClientSetup.exe.  I was referring mainly to installing HIPS via non-ePO deployment tasks, i.e., to run the .EXE vs. installing via the .MSI file. 

Installing via the .MSI file only is not supported; unzip all files from the client installer zip file and the .EXE must be run (if performing a non-ePO install).

0 Kudos
SeaWalker999
Level 7

Re: How to install HIPS agent to clustered servers

Jump to solution

Kary

Don't you need to break the cluster before installing HIPS 8.0 to the individual nodes? 

0 Kudos