the new products is arrived for update in epo.it is about updating agent into 220.127.116.118 ,I have over 1000 systems that have Agent 18.104.22.1683 with different windows such as 7,8,10. and they have virus scan product in 22.214.171.1244 (patch9) version.
I really concern to update the agent because I think they have previous versions and if I do update,the communication between epo and client agent may lost and I think after that I should remote to 1000 computers and install and uninstall the antivirus manually.
what should I do?should I update or not? on the other hand , I have some systems in windows 10 that they update their windows into version 1703 with build 15063.138. after updating,it shows an alarm that this agent is not compatible with windows 10 version 1703. what should I do with these computers?
Product deployment of agent to 5.05 version will not affect the communication between agent and ePO. To test the solution, you can create a sub tree with 5 - 10 machines.
Create a Product deployment client task for agent 5.05 version and schedule it to run immediately. Machine will get upgraded to latest version without an issue. Post testing you can create a task in parent tree for migrating all the machines.
For Machines where windows anniversary updated, Only 5.05 version is compatible so you have to remove the agent manually on those systems and install the latest one.
very thanks for your help
I really concern about the new version not update old one and the communication failed , does it have any need to first remove VSE and then update it? or it automate compatible with VSE ?How can I have two versions of mcafee agent in epo for test machines?
when I update my VSE into 126.96.36.1998 and patch 9,many of my systems have problem with their performance and in task manager the on access scanner service increase memory up to 70 percent and my systems do not work, what should I do?
should I downgrade my VSE?
Product deployment task to upgrade MA agent to 5.05 is to upgrade the agent to latest versions. There is no need to remove VSE for upgrading. you can go ahead and test the deployment in one or two machines, by which all your above concerns will get answered.
5.05 is compatible with VSE patch 9 and you should work on VSE on access scan exclusions for Performance issue.
can I have two different agent and two different vse in one epo?if yes,how to do this?because for a test I need to have both of them.
for the performance how can I do exclusion?which files not necessary and I can exclude them?my mcshield.exe is the reason of high cpu and disk and when I Need some processes not scan, should I insert them in low-risk processes?in low risk does it recognize threats as trusted when I insert them into low risk processes?
I’m sure you must have gone passed this huddles by now and if not, I think you need to go to latest version 5.0.6 – This is how I achieved mine. Check-in latest package 5.0.6 into evaluation, check-in 188.8.131.528 into previous. Create a sub tree called Agent-upgrade5.0.6 and Agent-Upgrade5.0.5 and move all types of OS into these sub-tree. Create a client task for each upgrade and deploy. I have AD replication configured in my environment which means AD will automatically move these machines back to their respective OU container, so I don’t have to worry so much about that. And if experiencing any issues installing/upgrading to newer version, login to the box and use \forceinstall command or if you have sccm, create a package and deploy via sccm. I managed over 5000 endpoint agents and upgrading per tree or version (create a report and have a visibility of how many version in the environment), then create a server task to point to each version and schedule upgrade off peak
I have been able to upgrade 3000 machine in the last 4 days with no performance issue, another thing to remember if upgrading during peak/busy hour is to enable randomisation say to 30 to 45 min.
Hope this is useful