2 Replies Latest reply on Jul 29, 2013 1:18 PM by Scott Sadlocha

    Ability of MS ForeFront to Remove VSE

    Scott Sadlocha

      Hey Everyone,

      I am new to the community and to McAfee products in general, and I am trying to get up to speed as quickly as possible. At my company, we are in the middle of a rollout of the full suite of McAfee Endpoint products, including VSE. Previously, the company had used MS ForeFront for its AV needs. Since the rollout is in the early stages, we still have ForeFront in the environment. This is also needed because ForeFront is set up as part of Cisco ISE / NAC and needed to validate to the network (though our nework folks should be getting McAfee added any time now). Our environment uses MS SCCM to push out ForeFront.

       

      We are currently pushing out VSE to several computers as part of a test run, most of these being IT computers. The initial install of VSE did not uninstall ForeFront, but we are working with a newer package to get that resolved. In those that had both products installed, we have tried two tactics, leaving them alone, and manually uninstalling ForeFront. However, we have noticed that SCCM will run a task to reinstall ForeFront, and in doing so, uninstalls VSE and the Agent.  This happens even though we have the policy settings enabled in ePO that should stop this from happening (protecting McAfee processes from being stopped and files from being modified).

       

      What I would like to know is, has anyone had any experience with this before, and if there is a way to prevent it from happening? Any information would be greatly appreciated.

        • 1. Re: Ability of MS ForeFront to Remove VSE
          rmetzger

          Hi Scott,

           

          Let me see if I got this right:

           

          MS SCCM is deploying ForeFront. ePO is deploying VSE. Once SCCM discovers a system without ForeFront installed, it redeploys ForeFront, deleting VSE in the process. Correct?

           

          Sounds like a MS SCCM deployment issue. Is there a rule that states if a Valid AV solution (VSE or ForeFront) is in place, MS SCCM is not to deploy ForeFront?

           

          I am not sure it is a good idea to make ePO stop SCCM from working properly. This is a fight without winners.

           

          Hope this is helpful.

          Ron Metzger

          1 of 1 people found this helpful
          • 2. Re: Ability of MS ForeFront to Remove VSE
            Scott Sadlocha

            Thanks for the info Ron. We ended up creating some exclusions in SCCM to avoid this as part of our rollout.