My MA is 5.0.2. Does is support VSE patch 1, 2 and 4?
McAfee Agent 5.x supports VSE 8.8 Patch 4-6. See the McAfee KnowledgeBase - McAfee Agent 5.0.2 compatible products article for further detail. If your systems are not yet using 5.0.2 for the Agent, I would suggest updating VSE first, and then move to the 5.x agent. You will need to reboot for any VSE update. There are numerous drivers and files that are changed in each patch. You do not want to install multiple patches and then reboot on any system. You are definitely going to need maintenance windows that these servers can be rebooted to accomplish this task. In the interim, if needed, you can migrate the servers to the new ePO 5.3 server and manage them with the same policy, etc. as you are today.
I would review McAfee KnowledgeBase - Supported platforms, environments, and operating systems for VirusScan Enterprise as it details the supported upgrade paths and such. This article is one that I strongly recommend bookmarking and referring to occasionally when new patches are released. According to the release notes for VSE 8.8 Patch 4, available at https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/ 24000/PD24834/en_US/VSE8_8_Patch4_Releas…
This package does not upgrade VirusScan Enterprise version 188.8.131.527 (RTW).
To update with the Patch 4 package: ◦ On 64-bit systems, first install Patch 2, then Patch 4.
◦ On 32-bit systems, first install Patch 1, then Patch 4.
Alternatively, uninstall VirusScan Enterprise 8.8.0 and reinstall with the Repost Patch 4 package.
As stated above, you will need to reboot in-between patches if that is the route you go. You will also need to reboot if you have to uninstall and then reinstall the product.
ePO 5.3 does not care about the VSE 8.8 patch level, as its more concerned with the supported VSE extensions that provide policy and reporting. In this case, as long as you're using a supported version of the VSE extension, you can manage systems that are running VSE 8.8 at any patch level.
As you said you are needing to migrate to a new ePO server as ePO 4.6 is EOL at the end of this year, I would suggest reviewing the following blog post from Peter Simmons who is an Intel Security Sales Engineer. He's written about the systems transfer process. Connecting Two ePO Servers. Here is a KB article as well that you may wish to reference as well - McAfee KnowledgeBase - How to transfer/move computers from one ePO server to another
You will want to make sure before you migrate, that all of your policies have been imported into the new server, that your system tree sorting is configured the way you want it to be, and that policy assignments are correct. If you move a server and it suddenly gets new and different policy, you run the risk of causing an outage on that system. I strongly recommend testing the migration process on non-critical devices to ensure that it works as you would expect it to.
Some other articles you may wish to reference:
- McAfee KnowledgeBase - ePolicy Orchestrator 5.3 supported products
- McAfee KnowledgeBase - Supported Platforms, Environments, and Operating Systems for ePolicy Orchestrator
- Patching VSE - risk level - This blog is written by wwarren who is one of the top support guys for VSE. I would highly suggest everyone read and bookmark this fantastic resource.
- Patching VSE - testing, testing, is this thing on?
Hope this helps!
Thank you for taking yout time.
SInce I need to reboot my servers, can I leverage windows patching time slot? Can windows be patched, then I load VSE patch and then reboot server?