cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 21 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

You would need to remove the dlp 9.3 extension and upgrade the 11 build to 11.0.500 or higher.  It will not require an upgrade of the clients until you are ready to upgrade those.  I would suggest the latest dlp extension available.  So, you can still go to 5.10 if you do those things.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Highlighted
Level 11
Report Inappropriate Content
Message 22 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

For sure the DLP 9.3 extension has to go, I've exported the list of devices still on that version and it's only a handful.

Presumably I'd need to remove the DLP 11 P2 extension as well as the 9.3 though and then install the latest DLP 11 extension (v7 I believe) once the upgrade to 5.10 is complete?

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 23 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

Do not remove the 11 version extension that is already there, or you could potentially lose policies and settings.  Just upgrade it.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Highlighted
Level 11
Report Inappropriate Content
Message 24 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

Sure, that's what I was looking at doing - but ePO 5.3.2 is incompatible with DLP extensions newer than P2 is it not? The KB that refers to that is KB68147.

Supported DLP VersionsSupported DLP Versions

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 25 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

Well, you have a point there.  In that case, in server settings, policy and task retention, make sure that is enabled.  Export all your dlp policies and policy assignments.  Then in dlp settings, backup and restore, be sure to back that up to file and check box to include policy injection object.  Then before you do the upgrade, you can remove the extension temporarily.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Highlighted
Level 11
Report Inappropriate Content
Message 26 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

Hey,

I was discussing the option of backing up the DLP config and enabling the policy and task retention etc which is definitely a fair point to consider, but my boss feels the safer route is the 5.9.1 option. I had actually gone through all those steps in readiness for going down that road but never mind.

You mentioned earlier about the need to disconnect any SIEM - there is a SIEM backend - Splunk. I'm not sure of the version as that's not my area but I hear v6.6 being mentioned.

In any event, would it be sufficient to simply disconnect that connection until the ePO upgrade is complete and then re-enable it?

Speak soon.

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 27 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

Yes, disabling the siem temporarily will be fine and then reconnect after upgrade.  One thing to keep in mind for when you do go to 5.10, epo 5.10 connections to any siem or syslog server will require tls 1.2 ssl connection. 

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Highlighted
Level 11
Report Inappropriate Content
Message 28 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

Thanks again for all your invaluable assistance.

We'll be pushing "the button" to upgrade the 5.3.2 ePO server in the next 2-3 hours or so (just waiting for the SQL guy to become available and the Splunk chap to come online).

Exciting times 😉

 

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 29 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

Good luck!  Be sure you have all the right backups.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Highlighted
Level 11
Report Inappropriate Content
Message 30 of 51

Re: ePO Agent Handler Upgrade - Best Approach?

Thanks!

We got pretty close to hitting the button but unfortunately we were beset with storage issues on the SQL backend so I've requested an additional 100GB of storage to address that. This was flagged up by the ePIP tool and confirmed by one of the DBAs as well.

The other area which failed was the RSA Compatibility check; although I ran IISCrypto on the ePO server, selected Best Practices and rebooted it is still complaining. I was hoping to get away with running that on the SQL server.

So now we have to temporarily migrate the other two DBs that reside on the same SQL server as ePO to another datacentre in order that the reboot of SQL does not impact on the other DBs that live there.

IISCrypto only makes changes to the registry, does it not, to adjust the priority of the Cipher Suite? In which case I guess we can just make a backup of the registry in the unlikely event anything untoward were to happen. Or maybe we can go belt-and-braces and backup the entire box!

We're nearly there - I'll keep you posted of progress!

Nick

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community