Hello, I'm very new to ePO and have to manage our mcafee environment (~3500 clients) in future. The thing which I don't understand most of all, is the whole updating process..
Right now, McAfee Agent 18.104.22.1682 and Agent ePO Agent Key Updater 22.214.171.1244 are installed on our clients.
When I take a look in the softwaremanager, it says there are 10 Updates available for McAfee Agent. For example:
Install - Windows (Patch 1) 126.96.36.1992
Install - Windows (Patch 2) Repost 188.8.131.5235
Install - Windows (Patch 3) 184.108.40.20622
ePO Agent Key Updater 220.127.116.114
ePO Agent Key Updater (Patch 2) Repost 18.104.22.16835
ePO Agent Key Updater (Patch3) 22.214.171.12422
- How should I do the update? There is a checkin and update button in the software manager...do I have to check it in into the evaluation branch and then press update? Or should I do it with a product update client task? is it the same? Or do I have to deploy patches with a deployment client task? My goal is to update 10 clients which are tagged with a test-tag first and then do the whole big update.
- What is the ePO Agent Key Updater for? Should I update it before or after the agent itself?
- Can I skip Patch 2 when I install Patch 3?
Sorry for all those question, but I really don't understand it when I read the handbook/manual.
I hope someone can help me.
This is essentially a two step process.
1. Check the product into ePO
2. Deploy the product to your endpoints.
To get it into ePO you only need to check in the latest version of they Key Updater and the Patch into the Current branch. You can press the Update beside those two items only.
To get it deployed to your agents create a client task of a type called McAfee Agent -> Product Deployment -> Create Task and then choose "install" the latest McAfee Agent version..
And you can jump straight to the latest version of the patch, which is patch 3.
Thanks a lot. It did work. However, I have two questions. After updating the agent, i also deployed a update for VSE with 2 steps:
- Deinstalling the old VSE Version
- Installing the newer VSE Version
Some users report, that they were asked to reboot their computer within one hour. While this is ok for those 10 test-computer, it will be a horrible thing when deplyoing the update for 3500 clients and SERVERS. Am I doing the VSE update wrong? If not...is there a way to suppress the reboot request, as I simply can't force users and especially servers to reboot.
Strictly speaking you shouldn't need to do it in two steps: the VSE installer will recognise that a previous version is installed and upgrade it. This might avoid the scenario that is causing the request for a reboot. (It's not guaranteed, however - as I understand it there are certain situations where a reboot is unavoidable.)
I would try with just the install task and see if it works better in your environment.
Unfortunately, it did not work just to deploy the newer version of VSE - it always failed during this process. I tried it in two seperate environments and on at least 10 clients. The log didn't tell me anything. On monday I will try it with the more detailed log option turned on, maybe this will tell me more.
Any ideas what it could be?
Btw..I just found an option in the agent policy which demands for reboots if required. It was turned on. Maybe this will also help to suppress reboots?
Thanks and kinds regards
Another thing to try would be to manually run the VSE installer on a client machine: that way it will run interactively and it will tell you what it's doing. It may be that this will give us a better idea of what's causing the reboot request.
I'm also trying to update McAfee Agent from 4.5 to 4.6. I've noticed also in the Software Manager, that I need to upgrade some components of the McAfee Agent product, specifically:
* ePO agent key updadter (patch3)
* Install - Windows (Patch 3, Embedded Credentials)
I've read the ePo's product guide to understand the purpose of this ePO agent key update, but I still don't understand why there's an component Install Windows + Embedded Credentials. Does it mean that additional credentiales will be installed in the client machine when updating McAfee Agent??
There is also a Reporting and Policy Extension (patch3) component pending to be updated. Should I update this also? Does it affect the deploy of new McAfee agent in the client machine?
Any help will be useful as I running out of time to perform this update. Thanks in advance.