4 Replies Latest reply on Feb 28, 2017 5:21 PM by wjmarche

    SBS2011 - Install


      I want to install Endpoint Security  10.5 On my SBS2011 server.  I am running exchange 2010 and sharepoint.  Do I need to do any special configuration for exchange server? or does the wizard take care of it?





        • 1. Re: SBS2011 - Install

          This article has information about how to configure ENS for various products (including Exchange): https://kc.mcafee.com/corporate/index?page=content&id=KB66909

          • 2. Re: SBS2011 - Install

            Thank you.  My workstations and my server are managed from the cloud at manage.mcafee.com.  The next question is, after the install, can I do the config right at the server? or do I have to do it from the cloud?



            • 3. Re: SBS2011 - Install

              I haven't used the cloud management, but I presume it's much the same as a local ePO.  If so then it'd depend on how your policies are configured; if the cloud policies are set to overwrite the local ones, then you'll have to do it in the cloud. If they're not set to overwrite, then you could do it from either location.

              • 4. Re: SBS2011 - Install

                ePO-Cloud does not have much difference from an on-promise ePO, so I suggest you to duplicate the policy (by following the best practices of the product):


                Endpoint Security Threat Prevention : Policy Category > On-Access Scan > My Default


                And then, enable on the Process Settings section ---> Configure different settings for High-Risk and Low-Risk processes


                NOTE: all the path you find for the exchange server and sharepoint should be added in both "Standard" and "low-risk" exclusions section. Also, all the processes must be added and classified as low-risk.


                If after setting and applying this policy, you're still having any problem, you may check locally on the server:


                C:\ProgramData\McAfee\Endpoint Security\Logs\AccessProtection.log

                C:\ProgramData\McAfee\Endpoint Security\Logs\OnAccessScan.log


                You will see some lines with the process that is being blocked and the rule, so you can take the process missing and add it as exclusion.


                NOTE: in case the process triggered an access protection rule, you must add that process as an exclusion on the rule shown.