1 Reply Latest reply on Aug 29, 2013 9:41 AM by Kary Tankink

    Installation Error 1603




      I just want to know what causes above error when trying to upgrade HIPS from v7.0 to v8.0. I am attaching a copy of logfile of 1 affected machine that might help isolate the issue.


      Thanks in advance... 

        • 1. Re: Installation Error 1603
          Kary Tankink

          MSI 1603 is a generic "failure".


          Here is the cause:

          InstallShield 9:26:50: Invoking script function HIP7_CheckProtectMode

          CALog (09:26:50): Unable to write to C:\Program Files (x86)\McAfee\Host Intrusion Prevention\

          CALog (09:26:50): Product is in self-protect mode.  Please disable self-protect mode before installing.



          MSI (s) (A0:F8) [09:26:50:257]: Product: McAfee Host Intrusion Prevention -- Installation operation failed.


          If doing local installs of HIPS, you will need to disable the Host IPS module first (Step#1 of KB73127 - MSIEXEC uninstall commands for Host Intrusion Prevention 7.0/8.0), but since you deployed via ePO, this shouldn't be necessary.  Make sure you have the right "McAfee Default" policies in place though.  This might be why the ePO deployment failed.


          PD22894 - Host Intrusion Prevention 8.0 for ePO 4.5 Product Guide





          Policies and their categories

          Policyinformation for Host Intrusion Prevention is grouped by feature and category.Each policy

          categoryrefers to a specific subset of policies.


          Apolicy is a configured group of settings for a specific purpose. You cancreate, modify, or

          deleteas many policies as needed.


          Eachpolicy has a preconfigured McAfee Default policy, which cannot beedited or deleted.

          Exceptfor IPS Rules and Trusted Applications, all policies also have an editable MyDefault

          policybased on the default policy. Some policy categories include several read-onlypreconfigured

          policies.If these preconfigured policies meet your needs, you can apply any one of them.These

          read-onlypolicies, like all policies, can be duplicated and the duplicate customized, ifneeded.

          IPSRules and Trusted Applications policies are multiple-instance policies becauseyou can assign

          multiplepolicy instances under a single policy. The policy instances are automaticallycombined

          intoone effective policy.


          TIP: The McAfee Default policies for IPS Rules and TrustedApplications are automatically

          updated as part of thecontent update process. McAfee recommends always assigning these

          policies to all clientsand creating additional policy instances to customize the behavior of these