Hi everyone, I wanted to issue a warning to anyone thinking of deploying ENS 10.5.1 hotfix 1 or 2.
Hotfix 1: Cannot exist in the same branch as ENS 10.5 patch 1 --If these exist in the same branch, for computers running 10.5.1, the McAfee Agent will generate errors when checking for ENS patches/hotfixes:
“Error occurred while downloading C:\ProgramData\McAfee\Agent\\Current\ENDP_GS_1050\Patch\0000\PkgCatalog.z” as well as “required patch not installed” for each of the ENS components. As a result of computers not being able to download PkgCatalog.z, they will cycle through all available repositories looking for that file and then will look for it via update.nai.com (where is obviously does not reside). If you run an epo query looking at repository activity, you'll notice a huge spike in traffic going to the external fallback server (if enabled for clients). Support is aware of the issue but it has not been documented in a KB yet. Although this doesn't have much business impact, it'll completely screw up your reporting on repository usage. The workaround is to keep hotfix 1 in a separate branch from patch 1-- you can use tagging and policy assignment rules to update the computers to hotfix 1 after patch 1 is installed.
Hotfix 2: Released yesterday, which I'm code naming: cluster $#@#. A similar issue exists as hotfix 1, but OMG, way worse. If hotfix 2 resides in the same branch as patch 1, computers running 10.5.1 will try to re-download and re-install ENS platform patch 1 on every update check. Clients will download setupcc.exe, frampkg_upd.exe and McAfee_Common_x64.msp or McAfee_Common_x86.msp, even though it's already installed. This will generate a 33MB download on every patch/hotfix update check. For companies running satellite offices/retail locations with many computers and low bandwidth connections, this can potentially cripple the network when amplified by many client computers. This issue is 100% reproducible after removing/adding ENS packages from the repositories. The workaround is to keep hotfix 2 in a separate branch from patch 1. I'm creating a support ticket for this today.
I don't know how the heck the issue in hotfix 2 got past QA, considering the issue with hotfix 1 is known to support. Ridiculous. This serves as your warning...