Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
3371 Views 5 Replies Latest reply: Mar 9, 2009 9:05 AM by thermo144 RSS
Newcomer 7 posts since
Feb 10, 2009
Currently Being Moderated

Mar 5, 2009 8:48 AM

VSE 8.5i Patching through EPO

Hello,

This may be a very basic question, but, we are currently using EPO to push the McAfee agent and VSE 8.5 to our users and I was wondering whether the latest patches are automatically installed when the machines go out to our centralized update server? If not, could someone point me in the right direction of a guide to installing these patches through EPO? We are having some issues with machines not going out for updates or returning blank values to the out-of-compliance summary and I was thinking that the latest patches may help with some of these issues. Thanks for the info!
  • Newcomer 52 posts since
    Feb 4, 2008
    Currently Being Moderated
    1. Mar 6, 2009 9:40 AM (in response to thermo144)
    RE: VSE 8.5i Patching through EPO
    It depends really. You have two options with how Mcafee works that i find. One is when you check in the Virusscan package. For example Mcafee Virusscan 8.5 is offered with patch7. If you check in that package and set a deployment to install mcafee 8.5 the agents will get 8.5 and patch 7.

    Now at this point patch 8 is offered. If you check that package into your ePO server you have to make sure a task is defined to update patches, service packs, etc.


    For us we have a VirusScan deployment that "Run at every policy enforcement " that will deploy mcafee 8.5 with i think patch 5 right now. So for use everyone agent that checks in will get mcafee 8.5 with patch 5.

    Now we also have checked in just patch 7 at this point and we have a deployment that runs once a month on the weekend to upgrade the agents patch level. During that task they will get patch 7.


    Also, i personal can not stand the options for deployment with Mcafee so i push out the patch upgrades with our software deployment and let that filter out before checking in a package with mcafee. Plus i get better reporting this way because we can have alot of machines of the domain at one time. Also, Mcafee seems to do its own thing one to many times for my liking.


    Make sense?
  • epo_user_00 Newcomer 21 posts since
    Mar 6, 2009
    Currently Being Moderated
    2. Mar 6, 2009 12:08 PM (in response to Johonn)
    RE: VSE 8.5i Patching through EPO
    Word of caution--I'm using ePO 3.6.1, and I wanted to do a limited release of Patch 5 to a few test workstations before deploying it to the entire directory. I used the "Daily Update" task on the test container, and made sure that Global Update for patches and service packs was disabled.

    However, as soon as I checked the package into the repository, it went out to the entire directory. I still to this day haven't figured out why. Fortunately, it had no negative consequences.

    I believe that's what Johonn means when he says "Mcafee seems to do its own thing one to many times for my liking."

    Johonn, any tips on using a software deployment package to release VSE patches? Do you have a list of command line switches, and what other commands, if any, do you need to include when creating the install package for the patch?
  • Newcomer 52 posts since
    Feb 4, 2008
    Currently Being Moderated
    3. Mar 9, 2009 6:20 AM (in response to epo_user_00)
    RE: VSE 8.5i Patching through EPO
    sure, say i want to install patch 8 for virus scan 8.5. You will need the patchX.msp from mcafee. You can find the patchX.msp file within the zip file you download, VSE85iP8.zip


    The script i am using basically goes.....


    1. Check to make sure 8.5 is installed
    a. C:\Program Files\McAfee\VirusScan Enterprise\RepairCache\vse850.msi
    2. Check to make sure latest patch you are installing is not already installed
    a. C:\Program Files\McAfee\VirusScan Enterprise\RepairCache\Patch8.msp

    3. If 8.5 is installed and patch8.msp is missing then install patch 8
    4. Execute MSI in "Appy patch mode"
    a. msiexec /p "location of .msp file"
    5. force mcafee agent update
    a. "C:\Program Files\McAfee\Common Framework\CmdAgent.exe /p /c"


    Now depending on the software deployment package you may have the option to execute/install an msi and you can select the "Apply Patch" option vs. Install, Repair, etc. If not then i provided the command line for msi above.
  • epo_user_00 Newcomer 21 posts since
    Mar 6, 2009
    Currently Being Moderated
    4. Mar 9, 2009 6:58 AM (in response to Johonn)
    RE: VSE 8.5i Patching through EPO
    Great, thanks. Will give it a shot.

More Like This

  • Retrieving data ...

Bookmarked By (0)