6 Replies Latest reply on Feb 23, 2012 9:28 AM by Kary Tankink

    Upgrade from HIPS 7 to HIPS8 without network downtime?

    pierce

      Hi All,

       

      I have just taken over management of our ePO server (4.5).

       

      I have checked in to eval HIPS 8.0 and migrated the policies.

       

      The Issue I have is that when the client task runs on a machine to upgrade the users from HIPS 7 (various version...) to HIPS 8 the process seems to be as follows.

      1, agent shows software downloading

      2, HIPS 7 is removed

      3, networking is disabled apart from to ePO server while rest of software is downloaded and installed.

      4, networking comes back up fully as HIPS 8 install completes.

       

      This results in the end users being unable to access outlook/internet for between 10 and 20 minutes.

       

      Am I doing something wrong with the upgrade or is this the only way to upgrade the end users? I would prefer something that is seemless that the end users will not notice going on much like the VSE 8.7 to VSE 8.8 which I am also testing.

       

      many thanks,

      Pierce

        • 1. Re: Upgrade from HIPS 7 to HIPS8 without network downtime?
          Kary Tankink

          When running the Host IPS 7.0 installer, this causes the Host IPS NDIS drivers to be installed/uninstalled, which takes the network connection offline for up to 30 minutes.  If the install/uninstall of the NDIS drivers are successfully, but take up to 30 minutes to complete, then this is as designed.

           

          KB59945 - McAfee Product Management Statement - Impact of NDIS drivers during McAfee Host Intrusion Prevention installation

           

          This has been changed in the Host IPS 8.0 installer as it uses NDIS 6.0 technology, as documented in the KB.

          1 of 1 people found this helpful
          • 2. Re: Upgrade from HIPS 7 to HIPS8 without network downtime?
            pierce

            Hi Kary,

             

            Yes that indicates the IP stack needs to be re-built which is a temporary issue. What I am seeing is restricted access on the network.

             

            For instance my outlook disconnected and I could not browse to any website. However looking at the agent log it appeared to be still downloading the HIPS update.

             

            It was almost like during the uninstall it disabled all connections apart from to ePO until it was finished.

             

            I think I need to find another machine to uninstall and re-install separately to see if there is any difference.

             

            thanks,Pierce

            • 3. Re: Upgrade from HIPS 7 to HIPS8 without network downtime?
              Kary Tankink
              For instance my outlook disconnected and I could not browse to any website. However looking at the agent log it appeared to be still downloading the HIPS update.

               

              I could be wrong, but I'm pretty sure this is just the appearance that it's downloading something, but really, it's downloaded the update and running it.  Installing Host IPS 8.0 will invoke the uninstall of HIPS 7.0 first, then install 8.0.   Like you stated, separating how the uninstall/install so you can see the system state would give you a better idea of what is occurring in which installer.

               

              Also, NDIS 6.0 is for Windows Vista and higher.  You might still lose network connectivity with HIPS 8.0 and Windows XP/2003, as these OS'es do not use NDIS 6.0 (haven't tested it myself yet).

               

              http://en.wikipedia.org/wiki/Network_Driver_Interface_Specification

              1 of 1 people found this helpful
              • 4. Re: Upgrade from HIPS 7 to HIPS8 without network downtime?
                pierce

                Thanks Kary,

                 

                Ill run the uninstall and install individually on a machine tomorrow and see how long the networking is actually down for on an uninstall and then a install and then compare against a update.

                 

                So far its 20 updates and all reported down time of 10 to 20 minutes.

                 

                thanks!

                Pierce

                • 5. Re: Upgrade from HIPS 7 to HIPS8 without network downtime?

                  Is this resolved..

                  Iam also having the same problem , even when installing manually the network gets disconnected for two/four pings. Is this normal.

                  Thanks,

                  • 6. Re: Upgrade from HIPS 7 to HIPS8 without network downtime?
                    Kary Tankink

                    If you are installing HIPS 8.0 on Windows XP or 2003, the network will be disconnected briefly while installing/uninstalling the NDIS drivers, since these older operating systems are limited to Microsoft NDIS 5.0 architecture.  Also, installing/uninstalling HIPS 7.0 will always take down the network briefly.