cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 6
‎12-19-2014 12:39 PM

ePO 5.1, want to configure alert for VSE client uninstall

Hi,

My users are local admins and are easily able to uninstall Virus Scan Enterprise.  How can I set up an alert to notify me when this occurs?  Better yet, is there a way to prevent this completely in ePO?  I haven't figured out a way to accomplish this..

I have the 'prevent modification' and 'prevent termination' policy settings enabled but this alone does not seem to stop someone with local admin from simply uninstalling VSE.

Advice?  Thank you!

0 Kudos
Reply
5 Replies
avinash34
Level 12
Report Inappropriate Content
Message 2 of 6
‎12-19-2014 09:09 PM

Re: ePO 5.1, want to configure alert for VSE client uninstall

Hello thebox,

you can protect the uninstallation of VSE by using a password.you can enable the password options by going to general option policies |password options

Thanks,
Avinash

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 3 of 6
‎12-20-2014 12:52 AM

Re: ePO 5.1, want to configure alert for VSE client uninstall

Hi Dears,

I am agree with Avinash but in additional I suggest you to check this policy as well:

vse.JPG

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 4 of 6
‎12-20-2014 02:04 PM

Re: ePO 5.1, want to configure alert for VSE client uninstall

Thanks to you both for the suggestions.  The reason for my post is that I have already set a password in the VSE general options policies and I have also enabled the appropriate block settings in the access protection policies/common standard protection settings, and I have also checked the 'prevent mcafee services from being stopped' option.

This is still not preventing a local administrator from simply uninstalling the software. I am definitely sure the VSE UI is locked down accordingly, and local admin users are not able to manually start/stop services using the services console, however they are still able to remove the VSE software from programs and features with no trouble at all, and no password prompt.

Is there anything I could possibly be overlooking? 

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 5 of 6
‎12-21-2014 09:06 AM

Re: ePO 5.1, want to configure alert for VSE client uninstall

Hi there,

You could use a MID (McAfee Insatallation designer) and create a package customized that VSE is not visible in add/remove programs, so they could not uninstall as I believe they dont have permissions to uninstall from registry keys.To download the MID you can do it from Mcafee download site with your VSE license.

https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/23000/PD23073/en_US/...

In case that they have permissions to access to the registry, you can apply the following:

https://kc.mcafee.com/corporate/index?page=content&id=KB69716

To make sure that VSE is running you have a query in VSE 8.8 patch 3 or later to see if OAS (On Access Scanner) is running, thet you can run from ePO.

I hope this help you to do what you looking for

Best regards

Jose Maria

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 6 of 6
‎12-21-2014 09:17 AM

Re: ePO 5.1, want to configure alert for VSE client uninstall

Excellent idea.

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com for Enterprise

Legal   |   Privacy   |   Copyright © 2021 Musarubra US LLC