cancel
Showing results for 
Search instead for 
Did you mean: 

Create policy allowing full end user access

We have a small lab where the PC admins needs full rights to change settings in the McAfee virus scan and agent settings but only from the client not from the EPO web server.

Is there list of places to go to grant this? We'll push down the agent and the AV install but after that we need them to change whatever they need to. We are using EPO so that we can still track usage and have it report back data.

But if it's not possible the next option is to install an agent-less install that allows them to do whatever they need to. Could we just give them the AV installer without the agent? Do we need special licensing for our company to use that?

4 Replies
mapc
Level 7
Report Inappropriate Content
Message 2 of 5

Re: Create policy allowing full end user access

Assuming you're using ePO 4.6 and VSE 8.8: In the Policy catalog go to VirusScan Enterprise 8.8.0, then General Options Policies.

On the "Password Options" tab you can choose to protect the settings with a password and also which  items to protect, or not protect.

Re: Create policy allowing full end user access

Hello ditguy2012,

If the Virus Scan is managed by EPO even if end users change locally tpe policies of AV the McAfee Agent will some minutes after load the EPO server policies.

It possible to install the AV one by one on each computers but it is a waste of time if you have a lot of computer.

Firstly you can deploy AV via EPO.

Secondly, you will uninstall the agent via EPO on selected computer.

Finally, those end users can modify their policies.

Re: Create policy allowing full end user access

, thank you for the reply. So the idea is if there is no password then they can modify any of those settings. passwords are there to lock them out?

, thank you for the reply. that's a decent option. push agent, push av, uninstall agent. does that violate license agreement if we bought ePO for the company?

mapc
Level 7
Report Inappropriate Content
Message 5 of 5

Re: Create policy allowing full end user access

Yes, I think that's the idea. Then you'll also have to tell VSE not to overwrite client exclusions etc. That is done in the different policies for high-risk, low-risk, and default processes.

If you choose to install as ditguy2012 suggests, I think it's better to do a standalone installation of VSE. If no agent is present while installing VSE, VSE will install an updater.

McAfee KnowledgeBase - FAQs for VirusScan Enterprise 8.x