We are currently trying to incorporate the Host IPS client package into our gold build process. As part of the current process, tools and packages are installed from read-only media. This does not appear to be possible for Host IPS 8.0. The below summarises what we have done, and the outstanding questions we have.
Installing the Windows client locally
- As per the Product Guide "Installing the Windows Client" locally section, we are attempting to install via the exe as described. I want to call out the following:
- Step 1: Copy the client installation package file to the computer
- Step 2: Run the installation program (McAfeeHip_ClientSetup.exe) in the package
- Step 3: Follow the on screen instructions to complete the installation
The first issue that we have is that we are trying to install from the ISO. On each of the virtual servers, I open the ISO as a CD/DVD, and attempt to run the install exe as administrator. Nothing happens. If I copy the package files to the local hard drive and run, then this works fine. The installer appears as a running process, and carries out the install silently. The FireSvc and HipMgmt processes appear, and the install completes. The McAfee Agent Monitor then shows that policies are being enforced for HOSTIPS_8000.
Now I appreciate that Step 1 above advises that the installation package should be copied to the computer, however I was wondering if I could seek clarification on the below:
Q1) Although KB52586 advises that the Host IPS 8.0 installer is hard coded, I note that the package still contains setup.ini files. Are these actually used? I can certainly run some tests, but if I did add INSTALLDIR, is it possible to advise now if this would work? Would it be supported? UPDATE: After carrying out a quick test, it doesn't appear to work.
Q2) What is actually hard-coded in the Host IPS 8.0 installer? Is this hard coding the reason that we can not run the installer from a RO source, such as the ISO?
Q3) Are we essentially stuck with having to copy the package to the computer first? Are there any plans to change this, or would we need to follow the PER process to request this?
Q4) What does the exe actually do, under the hood?
Thanks in advance,
Notes on ISO creation and server setup:
- Extracted contents of HIP80LMLRP4.zip
- Right clicked on Folder and created an non-bootable ISO file (using trial copy of PowerISO)
- Created 3 vanilla Windows servers (2008R2, 2012 and 2012R2)
- Each of the servers has McAfee Agent 126.96.36.1990 (4.8 P2 RTW) installed