Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
679 Views 4 Replies Latest reply: Jan 23, 2013 10:47 AM by vandreytrindade RSS
vandreytrindade Apprentice 46 posts since
Jan 23, 2013
Currently Being Moderated

Jan 23, 2013 9:30 AM

Deny framework from being uninstalled...

Hi,

 

I'm using ePO to manage VirusScan on the computers in my organization.

All users have administrator rights in the machines and they are able to uninstall the framework using the command line:

 

  • "C:\Program Files (x86)\McAfee\Common Framework\FrmInst.exe" /forceuninstall

 

Is there a way to deny framework from being uninstalled that way?

Using policies in ePO... NTFS permissions or something else?


Att,
Vandrey Trindade
  • wwarren McAfee SME 778 posts since
    Nov 3, 2009
    Currently Being Moderated
    1. Jan 23, 2013 9:43 AM (in response to vandreytrindade)
    Re: Deny framework from being uninstalled...

    Yes, but you will unavoidably break something (such as any hopes of upgrading). So this type of action is not supported.

     

    There is a commonly requested product enhancement of wanting to password protect the removal of our software (instead of taking away admin privileges).

    But, arguably there's need within companies to monitor and even sanction what users with admin privileges do instead of relying on software to protect itself from administrators. The windows security model means Administrators have full control of everything - all software can do is make it more difficult for them.

  • wwarren McAfee SME 778 posts since
    Nov 3, 2009
    Currently Being Moderated
    3. Jan 23, 2013 10:27 AM (in response to vandreytrindade)
    Re: Deny framework from being uninstalled...

    I believe we want to, it's just a question of when. Normally something like this would be considered for inclusion in a future product release, and Support can't provide you much insight into what future products will look like or when they'll be available - at least, not until those releases are closer to an actual release date.

     

    If you have a Support Account Manager (SAM/RSAM), you could ask them about future releases.

     

     

    I could suggest trying to use VSE's access protection feature to assist you in hindering your admins, but I don't want someone to incorrectly create an AP rule and wind up trashing their network - which is entirely possible with bad AP rules. So, as long as you're careful with the rules and test them thoroughly before rolling them out, it's a plausible solution.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points