Another problem is that when disabled Mac Endpoint Protection tells the user their system is at risk. There needs to be a way to disable this additional functionality without visually alerting the user that its disabled with this kind of message. Most users in our environment use the builtin firewall and the application protection has a number of issues even when enabled in prompt mode. Mainly that it does not remember what the user has permitted so you constantly have to permit commonly used applications. If the product was more mature like the Windows HIPS product maybe its something that could be effectively used but as is Mac Endpoint Protection functions poorly in these areas.
I'm not aware of any separate command line options to install certain components of Vscan for Mac and there's no installation designer equivalent that i know of.
Maybe one of the product specialist can lend comment?
Someone has added a Product Idea for a Mac Installation Designer- you may want to add vote it up and add a comment if required: https://community.mcafee.com/ideas/1154
Thanks for the response. I noticed in your signature that you are running 1.1, how do you have the product configured and are you having issues related to the firewall and the application protection components?
I only have about half my Macs running 1.1 at the moment as i have to go through a 3 step process to upgrade them to 9.1 from their current agent/av versions.
My settings are standard- OAS on, with R+W, clean, quarantine for OAS and ODS and vmdk exclusions.
I don't see any Firewall and Application Protection components in the policy like you mentioned above.
As you can see we have a relatively small Mac base and I 'm not familiar with Macs too much myself. Our Mac support guys have not mentioned anything untoward happening with regards to the VScan for Mac settings on the Macs though.
Sorry not to be more help.
Maybe we have a different product under our grant number, we have Mac Endpoint Product, which now has the Application protection and firewall components. These components have there own policies seperate from the AV. If we disable them our test systems get the warning shield and say the system is at risk. Thanks for the AV configuration though, nice to see what others are doing for the OAS settings and exclusions. I may open a new thread to discuss typical Mac exclusions as I cannot find a KB on recommended exclusions.
Ahh- we have McAfee Viruscan for Mac under ours. Does yours include the encryption product / or HIPS by any chance?
We had corruption of virtual machines and i added in that exclusion (sure there was a KB article for that)- that was a specific request from a user. As i said, I get to play with a Mac every now and again, so only if users have a problem do i get involved with the Mac side of things.
EDIT- there's also a document that explains how to add exclusions https://community.mcafee.com/docs/DOC-1271
Message was edited by: jmcleish on 24/02/12 10:36:04 CST
Can anyone confirm that there are two different products here? When I go to the Downloads under my grant number I am presented with a McAfee Endpoint Protection for Mac 1.1 section. The download identifies itself as McAfee Security for Mac 1.1. If I download this and deploy via ePO I end up with 3 products (plus the agent) installed on the system. See the image below:
All 3 were installed via a single deployment task for MSM 1.1 and I see no options to do otherwise. Is there a version of McAfee Security for Mac that does not include the firewall and application protection? Any help would be appreciated.
1 of 1 people found this helpful
I confirmed with my reseller that
"Mac Endpoint protection is the new product suite for Macs that includes AV and a desktop firewall which has a level of application control"
I just have 'McAfee VirusScan for Mac' which does not include the firewall.
Thanks for the help jmcleish. We'll contact our McAfee rep to see if the older product is something that is available to us.