1 of 1 people found this helpful
Ive been through this and just removing the install vse 8.5 from the default deployment and replaceing with install 8.7 will cover 98% of machines unless you have them locked down in some way. When the VSE 8.7 installer runs it removes vse 8.5 automatically.
I would first turn off the access protection rules relating to stopping and altering mcafee files and services though and make sure this has propagated through the estate.
Additionally I got about 40 out of 6000 errors with the outlook scan component where users had updated with ( what seems to be isolated to multiple versions of ) outlook open, this is a 20 second fix to open outlook remove both the outlook scan components and restart outlook and readd the 1 that remains.
You may get some odd machines that have had multiple upgrades over the years and require either remove all VSE and reboot before install or have broken installers and need Mcafee removed manually but they will be rare. I would obv recommend you run some testing on standard level pc's to see if you have specific issues.
* Moved thread to EPO board as this mostly concerns EPO changes
Thank you Tony for your precious input.
How do i go about: "turning off the access protection rules relating to stopping and altering mcafee files and services"?
Also, what are the implications in terms of network traffic? How can we configure a phased deployment?
The policies are in the access protection section of the vse policies in EPO
the ones you want to temporarily disable are the 4 McAfee rules under common standard protection section and also the prevent mcafee services being stopped check box on the main access protection section.
Assuming you have your machines broken up by building or IP range or whatever just break inheritance on the deployment task and alter it a few sections at a time, I would go with out of hours upgrade if possible though as the upgrade will be blitzing the clients CPU for a while and you run less risk of having outlook scan issues. ( of course if you arent using this component you can remove it from the vse 8.7 package with installation designer before you upload the altered package to epo and not get the risk of this at all)