Our SME resigned Friday and we need to complete the McAfee Hercules Administration Manager (ver: 220.127.116.11) configuration of importing a custom patch to deploy enterprise wide (servers and workstations) prior to Monday.
Need to import custom msi to deploy and utilize as a policy for auditing and enforcement. Because the 'patch' is not Microsoft, Linux, Solaris, Adobe, etc – Hercules will not import into its patch repository for its patch catalog to allow deployment, as a patch, an action pack, vulnerability, policy or audit action.
McAfee (Gold Support) is unable to assist due to the .msi being a third party application. Any help or ideas?
Here is a high-level overview on the steps needed to create a custom patch install for use with Remediation Manager:
1. Create a New File Download Entry entry in the Channel Server, specifying the URL of the msi package you'd like to be downloaded and installed.
Make a note of the GUID (not the URL GUID) which is automatically generated
For a simple install script example, refer to the "Run Mcafee 'stinger.exe'" vulnerability. A compliance script is generally not necessary for a simple 'install this patch' type of usage.
2. Create a new Vulnerability in the Hercules Administrator
3. Once the Vulnerability entry is created, you will be prompted to create a new Remedy
4. When editing the Remedy for the custom vulnerability you have created, add the 'Install Patch' action (found under the Windows Patch Management entry). You'll then need to edit the PatchIdentifier field with the GUID you copied in step 1.
5. Add the custom remedy to a new Policy Enforcement
The individual steps are outlined in more detail in the UserGuide.pdf and HercRemedyGuide.pdf available on the main Mcafee download site using your grant number. For more advanced options, the Remedy Guide will cover each of the available remedy actions you can use.
Hope that helps!