5 Replies Latest reply on Apr 14, 2016 10:20 AM by wwarren

    upgrade Agent from to


      I want to do an upgrade of the agent from to

      But there is allready VSE 8.8P7 running on the endpoints, can I do a direct upgrade or do I have to do an uninstall of VSE, then an upgrade to, then a reinstall of VSE8.8P7 and then an upgrade to


      Best Regards,


        • 1. Re: upgrade Agent from to

          It is a legal migration path for you to simply upgrade to the agent. VSE would not have an issue with that.


          What's unique to the 5.x agent, aside from the new Agent process names in 5.x, is that it installs our McAfee Controller service (mfemms.exe)

          VSE doesn't use this service.

          • 2. Re: upgrade Agent from to

            Thank you for your fast response.

            And can I allready activate the ePO agent Key Updater ver and MsgBus Cert Updater for all the endpoints before I do the upgrade?

            • 3. Re: upgrade Agent from to

              Hi, changing from Agent 4.x to 5.x take care! .-)


              1) Agent 5.x is updating the SysCore component. So take a look if your installed McAfee products are compatible with this Version of the Agent.

              2) Check your Access Protection Settings in VSE. If there are the self protection rules in place the new Agent processes are blocked. This can result in a complete damaged McAfee Installation.

              3) If you are planning to upgrade from VSE Patch x to Patch 7 and Agent 5.x is already installed you should wait for Agent 5.0.3.x Release (Support Info). Agent 5.x often breaks a VSE Patch 7 Installation.


              If you check your Access Protection Rules also check if you have Events where Access protection is blocking DAT Reputation. :-)


              Additional you may take a look at this links.


              Re: VSE 8.8 Patch 7 update order

              Access Protection rules triggered when installing a VirusScan Enterprise hotfix or when performing a McAfee Agent upgrade




              • 4. Re: upgrade Agent from to

                In their scenario they already have VSE 8.8 P7, which uses the same SYSCore version that MA is using; which means SYSCore is not going to be upgraded in this case.

                However, it will introduce the McAfee Controller Service. They'll notice a new service is added to the system (along with the new MA 5.x services), called MFEMMS.exe.


                I call it out because it does have an indirect functional impact to VSE, even though VSE doesn't use that service explicitly. So in that light it's something to be aware of, to test for in the environment, to ensure nothing odd comes out of the change from introducing that service.

                • 5. Re: upgrade Agent from to

                  Regarding your follow up question, my understanding is that the Master key is already built into your Agent package and only if you've changed that key then the Key Updater simply allows existing deployed agents to adopt the new key. In other words, you wouldn't have to do anything regarding ePO Agent keys, and if you did want to change the Master key, that could be done at any time.

                  But, I have to cite some ignorance here because Agent isn't my area of expertise.