I am trying to deploy Rogue Sensors on Windows 7 SP1 workstations but getting no reaction from them. However, when I run the deployment on Windows 2008 server it deploys just fine and detects systems just fine. I have 2 managed Windows 7 machines that I run the Rogue Sensor deployment and the EPO server acknowledges the deployment. However there is no reaction on either machines. I've removed HIPS from them just to make sure theres no conflict there. I"ve also configured the VirusScan to allow changes to all McAfee files. Any other changes I make are acknowledged right after a wake-up however Rogue Sensor is not picked up. I have EPO Vs 4.5 and McAfee Agent 4.5. I have Rogue sensor v 4.5. Please help!
You don't mention which patch level of ePO 4.5 you are running, but please note that for ePO 4.5, patch 5 is the minimum requirement for Windows 7.
See McAfee support article KB67203 - 'Supported environments for Rogue System Detection 4.5 / 4.6 Sensors' via the McAfee service portal site:
I am running EPO 4.5 Patch 3. This is the only software I'm allowed to use at the moment. I have an old EPO 4.5 server that has Rogue Sensor extension 188.8.131.523 running and deploying to Windows 7 boxes with no problem??? My new server has RSD extension 184.108.40.2067 and I can't get it to even give me an error as to why its not deploying. Again, my Windows Server 2008 took it with no issues at all.
I just realized that you CAN manually install it from the EPO Server...however its not recieving policy from the server. So yes, I technically have a Rogue Sensor in existance on my Windows 7 box however its not recieving any policy changes I'm making from the server. Is this something that can be fixed or is this because it did not recieve a "deployment"? I have a different port than the standard set in my policy and thats making it so the Rogue Sensor is not reporting to the server.Message was edited by: ssaunders on 10/28/11 12:06:31 PM CDT
I'm afraid that as far as I know if you want Rogue sensors to work properly on Windows 7 you really do need to have the ePO server at 4.5 patch 5 or higher. Changing ports or deployment method is not going to change that.
You can of course continue to use the sensor on other OS, so if possible you should pick & choose the host OS for sensors until such a time as you can install the patch or upgrade to ePO 4.6.