Showing results for 
Search instead for 
Did you mean: 

Automatic deployment of VSE/HIPS???

Once the Agent is installed on a new endpoint, can ePO be configured to detect the lack of other products and deploy them automatically by policy? The alternative at the moment is that I either "discover" a new PC on the network (the installation team will install the agent), or I am given the heads up that a new PC is ready for me to manually deploy protection. My super wants this process automated. I am not seing a seeing a pre-fab way to do this in ePO and am thinking this can't be done without creating some kind of script or something.






3 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Automatic deployment of VSE/HIPS???

If I understand your question you would like ePO to automatically deploy certian products (ePO/HIPS, etc) to clients that are managed by ePO. This can be accomplished in ePO via a variety of means.

If you want ALL machines in your environment to have these products installed the simplest method is to create 2 deployment task and assign them at the "My Organization" level so they apply to everybody. Schedule the first task to "run immediatly" and schedule the second task to run every day at a certian time (maybe every day at 10:00 AM) and set it to run missed tasks. The run immediatly task will run as soon as a client communciates in and gets the task. The second task is incase that does not work for some reason the deployment will be re-tried once a day.

Don't worry if the product is already installed the deployment task will not re-install it.

If you only have select machines you wish to deploy the product then you can do something similar to the above only make the deployment tasks tag based (i.e. only run the task if the client machine has this tag). Then define a report which returns a list of machines which meet the criteria to have the product deployed. I don't know what that criteria would be for you. Then create a server task to run this report once a day and take the action of "apply tag" and apply the tag your task is keyed off of.

Re: Automatic deployment of VSE/HIPS???

I do this with all my managed services customers.  It is simple if you know how to manipulate ePO into doing the repetitive tasks for you.

  1. First you will want to create a Query which displays a Table View for "Machines Without VSE Installed".
  2. Then you can create a Tag called something like: "Install VSE".
  3. Then create your task to perform said installation and have it apply to machines without that product installed.
  4. You will then create a Server Task to run the query "Machines Without VSE Installed".
  5. You will also add the Sub-Action to "Apply Tag" and select the "Install VSE" tag.
  • You can set this to run on an hourly basis if you want, or you can try and spread it out throughout the day.

If you want to also remove the Tag:

  • Duplicate the original query but change it to "Machines With VSE"
  • Modify the Server Task created above to also run the newly created query for "Machines With VSE"
  • add the sub-action to "Remove Tag" and select the "Install VSE Tag"

Re: Automatic deployment of VSE/HIPS???

Thanks guys. I will be out for a couple days but I just wanted to acknowledge your helpful answers. I'll be able to "play" with these ideas when I get back in.