1 Reply Latest reply on May 11, 2016 10:27 AM by mjarpeng

    Migrating from VSE/HIPS to Endpoint Security 10.1

    bblanchard

      We have an environment running VSE 8.8, HIPS firewall and IPS. Since Endpoint Security 10.1 does not have the IPS functions of HIPS yet (only firewall), which approach is recommended?

       

      1- Use Endpoint Security only for VSE (threat protection) and keep the HIPS 8 until both functionalities are moved to Endpoint security

       

      2- Use Endpoint Security for both VSE (threat protection) and Firewall, and keep the HIPS agent on the system with only the IPS function enabled

        • 1. Re: Migrating from VSE/HIPS to Endpoint Security 10.1
          mjarpeng

          Hi, I would say option 2.

           

          This is taken from the migration guide:

          Decide which migration path to follow by considering the characteristics of your network or managed systems and your migration goals.

          1.) Decide whether you need to migrate at all. Do you want to retain any current settings and assignments for your legacy products?

          • No — Install Endpoint Security 10.1 without migrating. See the McAfee Endpoint Security Installation Guide for instructions.

          • Yes — Use the Migration Assistant to migrate your settings before deploying Endpoint Security 10.1 to systems.

           

          2.) If you do want to migrate your settings, decide whether to migrate automatically or manually.

          • Automatic migration is a "hands-off" process. The Migration Assistant makes all the migration decisions "behind the scenes."

          Recommended for:

               • Networks with fewer than 250 managed systems.

               • Customers who use default policy settings or a minimum number of custom policies.

               • Migrating the Host IPS Catalog.

           

          • Manual migration is a "hands-on" process. You make most of the migration decisions by selecting the objects to migrate and editing their settings, if needed.

          Recommended for:

               • Networks with more than 250 managed systems.

               • Customers who use multiple custom policies.

               • Customers who want to fine-tune existing policy settings during the migration process.

               • Customers who want to fine-tune assignments.

               • Customers who want to personally supervise and approve each step of the migration process.

           

          Choosing a migration path:

          Automatic migration
          Pros

          • Requires minimal input from you.

          • Migrates all the settings for each supported product. All of your policies and client tasks are migrated at the same time.

          • Retains policy and client task assignments.

          • Migrates the Host IPS Catalog.


          Cons

          • You can't select specific policies or client tasks to migrate.

          • You can't edit policies or client tasks.

          • Does not migrate unassigned policies.

           

          Manual migration

          Pros
          • Lets you select each policy and client task to migrate.

          • Lets you edit the settings for each policy or client task to migrate.

           

          Cons
          • Requires more input from you.

          • Does not retain assignments. You need to assign policies and client tasks to managed systems.

          • Does not migrate the Host IPS Catalog

           

          Hope this helps! /Michael