McAfee AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009 Release note

Brand: McAfee

Model: AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009

Type: Release note

This manual is also suitable for

Agent 4.0

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

Release Notes for McAfee Agent 4.0 Patch 2 (Windows)

Thank you for using McAfee Agent software version 4.0. This document contains important information

about this release. We strongly recommend that you read the entire document.

Contents

● About this release

● System requirements

● Rating

● Purpose

● Known issues

● Resolved issues

● Installation instructions

● Allowing users to configure proxy settings

● Finding release notes and documentation for McAfee enterprise products

● License attributions

About this release

Patch Release: March 10, 2009

Patch Package: 4.0.0.1421

This release was developed for use with:

● Data Loss Prevention 2.1 and 2.2

● Endpoint Encryption for Files and Folders 3.1.0

● Endpoint Encryption for PC 5.1.5

● ePolicy Orchestrator 3.6.1 and 4.0

● McAfee Anti-Spam for GroupShield 7.0

● McAfee Encrypted USB 1.0

● McAfee VDisk for Windows 4.1.0

● Host Intrusion Prevention (Windows only) 7.0

● Network Access Control 2.0, 2.5, and 3.0

● Policy Auditor 5.0, 5.0.1 and 5.1

● PortalShield 1.0 and 2.0

● Safeboot Encrypted USB 1.0

● Safeboot Endpoint Encryption for File and Folder (Content Encryption) 3.1.0

● Safeboot Endpoint Encryption for PC (Device Encryption) 5.1.5

● Safeboot VDisk for Windows 4.1.0

● SecurityShield 1.0

● SiteAdvisor Enterprise 1.5, 1.6. and 2.0

● System Compliance Profiler 1.1 and 2.0

● VirusScan Enterprise 8.0i, 8.5i (Patch 7 and above), and 8.7i (with AntiSpyware Enterprise)

Make sure you have installed the correct version(s) before using this release.

System requirements

This section specifies the system requirements for McAfee Agent 4.0.

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

● Installed disk space — 14–17 MB, including log files

● Memory — 128 MB RAM minimum, 256 MB RAM recommended

● Processor — Intel or compatible; Intel Pentium or Celeron (recommended); Itanium 2 processors.

● Processor speed — 133 MHz minimum

● Operating system:

❍ Windows 2000 Professional, SP 4

❍ Windows 2000 Server, SP 4

❍ Windows 2000 Advanced Server, SP 4

❍ Windows 2000 Datacenter Server, SP 4

❍ Windows 2003 Server, Standard Edition, SP 1 or 2

❍ Windows 2003 Server, Enterprise Edition, SP 1 or 2

❍ Windows 2003 Server R2, Standard Edition, SP 1 or 2

❍ Windows 2003 Server R2, Enterprise Edition, SP 1 or 2

❍ Windows 2003 Server, Standard x64 Edition, SP 1 or 2

❍ Windows 2003 Server, Enterprise x64 Edition, SP 1 or 2

❍ Windows 2003 Server R2, Standard x64 Edition, SP 1 or 2

❍ Windows 2003 Server R2, Enterprise x64 Edition, SP 1 or 2

❍ Windows XP Embedded

❍ Windows XP Home, SP 1 and 2

❍ Windows XP Professional, SP 1, 2, and 3

❍ Windows XP Professional, x64 SP 2

❍ Windows XP Tablet PC 2005

❍ Windows Vista, SP 1

❍ Windows Vista x64, SP 1

❍ Windows Server 2008

❍ Windows Server 2008 x64

This release does not support Windows 95, Windows 98, Windows Millennium Edition or Windows

NT.

The McAfee Security single tray icon does not appear on 64-bit systems.

Rating

McAfee recommends this release for all environments. This update should be applied at the earliest

convenience. For more information, see KB article KB51560.

Purpose

This document supplements the McAfee Agent 4.0 Readme file in the release package, and details fixes

included in McAfee Agent 4.0 Patch releases.

This Patch contains a variety of improvements. McAfee has spent a significant amount of time finding,

fixing, and testing the fixes in this release. Please review the Known and Resolved Issues lists for

additional information on the individual issues.

Refer to online KnowledgeBase article KB60681 at http://knowledge.mcafee.com for the most current

information regarding this release.

Known issues

Known issues in this release of the software are described below:

● Issue: On systems with EMC’s Power Path software installed, the McAfee Agent fails to start and

the error message “Cannot generate keypair” appears in the Agent_<system name> log file.

(Reference: 452955, 436864, 445158, 447296, 451228, 437592 )

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

Workaround: The McAfee Agent must be rolled back to Common Management Agent version

3.6.0 Patch 4 for the systems with EMC's Power Path software installed.

Resolved issues

Issues that are resolved in this release are listed below.

1. Issue: The error message “Failed >> Setting naInet transfer option RelativePath =” appeared in

the McScript and Aviview log files when a UNC repository when it was defined without a

subdirectory following a share name. For example, the definition “\\server\share\directory”

worked as expected, but the definition “\\server\share” caused the error message to appear. The

download would work correctly in spite of this error message. (Reference: 391232, 455183)

Resolution: UNC repositories can now be defined with or without specifying a subdirectory.

2. Issue: When a UNC repository was configured to use download credentials and to use ping time

repository sorting, and the UNC repository was inaccessible for pinging, the McAfee Agent

might run with lowered privileges. When this occurred, the error message “Permission

denied” appeared in the Agent_ log file when the McAfee Agent attempted to write to the registry.

(Reference: 416303, 417404, 432919, 432931)

Resolution: The UNC Repository Updater process now continues to run under the System user’s

credentials when a UNC repository cannot be reached during the ping time sorting process.

3. Issue: When UNC repositories were configured to use the download credentials of the logged-on

user and the logged-on user was not an Administrator, the download would fail. (Reference:

418162, 424677, 425454, 437584, 458651, 466124, 466186)

Resolution: The UNC Repository Updater process now allows UNC replication using the logged-on

user’s credentials.

4. Issue: The download of a product deployment process could fail when an earlier version of the

product had been deployed. (Reference: 421222)

Resolution: The product deployment process has been updated to consistently detect and deploy

updated products.

5. Issue: Updates via a UNC repository would fail on 64-bit systems when the update was

configured to use the credentials of the logged-on user. When this occurred, the error message

“Failed to steal Explorer token” would appear in the Agent_<system name> log file. (Reference:

429292)

Resolution: The UNC Repository Updater process now runs on 64-bit operating systems when

defined to use download credentials.

6. Issue: During the repository download process when the download of a product failed and a

subsequent download of a different product succeeded, the download session was treated as a

success and not retried using the next repository. (Reference: 429950, 429759)

Resolution: The repository download process has been updated to retry the entire update from

the next repository when any products fail to download.

7. Issue: The McAfee Agent no longer provided an embedded credential installation package option.

(Reference: 432427)

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

Resolution: An embedded credential installation package is now available through McAfee Tier III

Support. For information on obtaining this package, see KB article KB59954.

8. Issue: Requesting updates from the ePolicy Orchestrator server through HTTP resulted in a large

number of “client denied by server configuration…” error messages to be incorrectly reported in

the server log file. (Reference: 433704)

Resolution: The HTTP connection process has been updated to avoid creating this error message

incorrectly.

9. Issue: During the deployment of Host Intrusion Prevention, the product detection script would

prematurely end when the Host Intrusion Prevention service was not registered. (Reference:

436914)

Resolution: The script engine has been updated to properly detect and report unregistered

services as an error rather than exiting.

10. Issue: Non-English versions of the McAfee Agent could fail to apply incremental DAT updates, and

instead download the full DAT package, resulting in unnecessary network bandwidth consumption.

(Reference: 439397, 441679, 443381)

Resolution: The DAT update process has been updated to ensure that non-English versions apply

incremental updates correctly.

11. Issue: The error message “File is corrupt. Downloading complete file again.” would be incorrectly

written to the McScript log file during the update process. (Reference: 440080, 445479)

Resolution: The update process has been updated to record this error message only when the

file download process detects a corrupt file.

12. Issue: After a successful update of a DAT file, a temporary copy of the DAT package would not be

deleted from the McAfee Agent data directory, resulting in unnecessary disk space consumption.

(Reference: 440930)

Note: This issue could consume all of a system's available disk space.

Resolution: The DAT update process now deletes the DAT package after a successful update.

13. Issue: The McAfee Agent upgrade process would fail to install when it could not successfully

terminate the currently running version, resulting in a McAfee Agent that failed to start.

(Reference: 441182)

Resolution: The McAfee Agent upgrade process has been updated so that if it detects that the

currently installed version cannot be stopped, it quits and leaves the currently running version of

the McAfee Agent operational.

14. Issue: The error log file did not “roll over,” resulting in unnecessary disk space consumption.

(Reference: 449107, 449111, 449341, 450554, 462905)

Note: This issue could consume all of a system's available disk space.

Resolution: The error log file now “rolls over” in the same manner as the Agent_<system name>

log file.

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

Note: When writing a message to the error log file, the size of the current file is checked. If the

size equals or exceeds the file size limit set in the registry, the following actions will occur:

❍

If the backup file (Agent_<system name>_backup.log) exists in the target folder, it is

deleted.

❍

The current file (Agent_<system name>.log) is renamed as the backup file.

❍

A new current file is created and the message is written in this file.

15. Issue: When the Internet Explorer setting “Automatically detect settings” is selected and “Use a

proxy server for your LAN” is not selected, an automated configuration script caused the update

process to fail. (Reference: 450058, 451906, 452028, 461210, 463930)

Resolution: The update process now runs as expected, independent of these Internet Explorer

settings.

Issues from the Patch 1 release of the software that are resolved in this release are listed below.

1. Issue: An update dialog box appeared in English rather than the non-English language running on

the system. (Reference: 389523)

Resolution: Update dialog boxes now appear in the language running on the system.

2. Issue: When using the “/forceinstall” switch and only changing the data (/datadir=<new folder>)

folder, the upgrade process did not remove the old data folder and used the new folder.

(Reference: 393182)

Resolution: Now when using the “/forceinstall” switch and changing the data (/datadir=<new

folder>) folder, the upgrade process removes the old data folder and uses the new folder.

3. Issue: When the AgentEvents folder was missing, the upgrade process failed. (Reference:

393764)

Resolution: Now the upgrade process creates the AgentEvents folder when it is missing.

4. Issue: Managed product installation routines were executed each time a deployment task ran on

systems that used a language other than English. (Reference: 399232)

Resolution: Managed product installation routines now execute only when necessary.

5. Issue: If the installation or data folder contained a double-byte character, the upgrade process

failed. (Reference: 404111)

Resolution: Now the installation and data folders can contain non-English characters.

6. Issue: When executing the VirusScan update process (mcupdate.exe) with the “/update” and “/

quiet” switches, an upgrade dialog box would still be displayed. (Reference: 405004)

Resolution: The VirusScan update process now honors the “/quiet” switch.

7. Issue: The upgrade process was checking for the existence of the “My Favorites” and “Fonts”

folders. If they were not present, the upgrade failed. (Reference: 405314)

Resolution: The upgrade process no longer requires the “My Favorites” and “Fonts” folders to be

present.

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

8. Issue: When an error occurred during Host Intrusion Prevention policy enforcement, the system

could be “locked out of the network”. (Reference: 406896)

Resolution: Now the ePolicy Orchestrator server connection information (server IP, name and

port, and incoming agent wake-up port) is recorded. This allows Host Intrusion Prevention to

create specific rules that allow communication to and from the ePolicy Orchestrator server, even

in the absence of Host IPS policies.

9. Issue: The name of the ePO server the system last communicated with appears in the XML log

file. The value is initially blank and remained blank for a period of time after the first

communication. (Reference: 407154)

Resolution: The name of the ePO server the system last communicated with now appears

immediately after the last server communication.

10. Issue: The McAfee Agent deployed managed products to Microsoft Vista or Windows Server 2008

that were not supported on these platforms. (Reference: 408989)

Resolution: Managed products are now deployed only to their supported platforms.

11. Issue: The Mirror task created a duplicate repository, but it failed to copy the sitestat.xml file.

This caused the duplicate repository to remain disabled. (Reference: 409637)

Resolution: The Mirror task now copies the sitestat.xml file to the duplicated repository.

12. Issue: During a managed product update, a dialog box could be presented requesting a system

reboot. The dialog box asked the user if they wanted to reboot now and rebooted the system even

when the user selected “No”. (Reference: 410573)

Resolution: The managed product update process now honors the user's selected reboot

response.

13. Issue: Certain dates, such as leap years, were recorded incorrectly in the Agent_<system name>.

xml log file. (Reference: 413415)

Resolution: All dates are now recorded correctly in the Agent_<system name>.xml log file.

14. Issue: The McAfee Agent only updated the VirusScan engine if the minor version was newer than

what was installed. This prevented the VirusScan engine from updating to a newer build of the

same version. (Reference: 414065)

Resolution: The McAfee Agent now supports build-to-build VirusScan engine updates.

15. Issue: The installation and upgrade processes failed if the data folder was located in the

“Windows” or “WinNT” folders. (Reference: 415578)

Resolution: Now the installation and upgrade processes allow the data folder to be located in the

“Windows” or “WinNT” folders with the exception of the system32 folder. The installation and

upgrade processes prohibit the data folder from including the system32 folder.

16. Issue: Some non-McAfee product installation routines removed critical registry entries, such as

the Windows IStream COM registration, causing the McAfee Agent to fail. (Reference: 416298)

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

Resolution: The upgrade process now re-registers the ole32.dll file when it detects it is missing.

17. Issue: The installation and upgrade processes failed if the installation or data folders contained

double-byte characters. (Reference: 416559)

Resolution: The installation and upgrade processes now allow the installation and data folders to

contain double-byte characters.

18. Issue: Several install and uninstall error messages made no sense when displayed on a Japanese

language system. (Reference: 418729)

Resolution: The upgrade process now displays meaningful install and uninstall error messages on

a Japanese language system.

19. Issue: On systems running VirusScan Enterprise version 8.0 the McAfee Agent did not remove

the Temp files created during the execution of an “Agent Update Task”. (Reference: 419066)

Resolution: The McAfee Agent now removes the Temp files created during the execution of an

“Agent Update Task”.

Note: This change does not remove the Temp files created during the execution of an “Agent

Update Task” prior to implementing this patch.

20. Issue: During Policy Enforcement, when the McAfee Agent failed to compile the policy file, the

policy enforcement failed and the agent crashed on the next Policy Enforcement. (Reference:

423070)

Resolution: The McAfee Agent now detects failed Policy Enforcements and retries the policy

compilation until it completes successfully.

21. Issue: DAT updates were postponed indefinitely and the message “Update will be retried after 3

mins because update is already in progress” appeared repeatedly in the agent log file. (Reference:

424203)

Resolution: The DAT update process now terminates properly when it detects an error in an FTP

transaction.

22. Issue: In environments running the Early Adopter Release (November 11, 2008) the “/

forceinstall” switch did not work when applied against the MA 4.0 Patch 1 package generally

available for download. (Reference: 454619)

Resolution: The MA 4.0 Patch 1 package has been updated allowing the “/forceinstall” switch to

work as expected.

Issues previously resolved in the policy (Extension) pages are listed below.

1. Issue: When a repository was added for one site, the user had to go to every other site and turn

off the repository in the agent policies. In environments with a large number of repositories, this

was very labor intensive. (Reference: 239994)

Resolution: A checkbox has been added to “Agent Policy on Repository Page” that allows new

repositories to be excluded by default. Now when a repository is added and the new checkbox is

checked, the new repository is added to the disable list for each of the existing repositories.

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

2. Issue: In environments with a large number of repositories, the policy page required several

minutes to load. (Reference: 372087)

Resolution: The policy page now loads in a much more reasonable amount of time.

Installation instructions

This section provides instructions for installing and upgrading McAfee Agent 4.0 for use with ePolicy

Orchestrator versions 3.6.x and 4.0.

Tasks

● Installing on ePolicy Orchestrator 3.6.x systems

● Installing on ePolicy Orchestrator 4.0 systems

● Upgrading

● Installing, upgrading and uninstalling using Windows command-line switches

Installing on ePolicy Orchestrator 3.6.x systems

This section provides instructions for installing McAfee Agent 4.0 for use with ePolicy Orchestrator version

3.6.x on each of the supported operating systems.

You must have administrator rights to perform this task.

1. Download and extract the agent package, MA400P2WIN.zip.

2. Check in the NAP file, CMA360.nap, from the extracted agent package to the ePolicy Orchestrator

repository.

3. Check in the agent package to the ePolicy Orchestrator repository.

4. Use one of these methods to install the agent on client systems:

❍ Push an agent using the Send Agent Install option.

❍ For third-party deployment methods, create an agent installation package, FramePkg.exe,

using the Agent Installation Package Creation wizard.

❍ Create a deployment task.

Installing on ePolicy Orchestrator 4.0 systems

This section provides instructions for installing McAfee Agent 4.0 for use with ePolicy Orchestrator 4.0 on

Windows using two different methods.

Tasks

● Installing on Windows using ePolicy Orchestrator 4.0

● Installing on Windows using third-party deployment methods

Installing on Windows using ePolicy Orchestrator 4.0

You must have administrator rights on the Windows system to perform this task. The agent extension

must be installed on the ePolicy Orchestrator server before the agent is installed on any clients.

1. Download the current agent extension, EPOAGENTMETA.zip, and the Patch 2 agent package,

MA400P2WIN.zip, to the system containing the ePolicy Orchestrator server.

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

2. Install the agent extension:

a. In the ePolicy Orchestrator 4.0 console, click Configuration.

b. On the Extensions tab, click Install extension.

c. Browse to the location containing EPOAGENTMETA.zip, select it and click OK. The Install

Extensions summary page appears.

d. Click OK to complete the installation of the extension.

3. Check in the agent package to the ePolicy Orchestrator repository:

Note: If installing on a computer running Common Management Agent 3.6, the package must be

checked in to the Current repository branch.

a. In the ePolicy Orchestrator 4.0 console, click Software.

b. Click Check In Package.

c. Browse to the location containing MA400P2WIN.zip, select it and click Next.

d. Ensure that Current is selected in the Branch field.

e. Click Save.

4. Create a deployment task or push the agent to client systems. If using the push method, follow

these steps:

a. In the ePolicy Orchestrator 4.0 console, click Systems.

b. Select the target systems or groups.

c. Click Deploy Agent.

d. Select the version of the agent to be deployed.

e. Type valid credentials in the Domain, User name, and Password fields.

f. Click OK.

Installing on Windows using third-party deployment methods

The agent extension must be installed on the ePolicy Orchestrator server before the agent is installed on

any clients.

Tip: This task requires the creation of an agent installation package, FramePkg.exe (see Step 4).

Installation of the package requires administrator rights.

1. Download the current agent extension, EPOAGENTMETA.zip, and the Patch 2 agent package,

MA400P2WIN.zip, to the system containing the ePolicy Orchestrator server.

2. Install the agent extension:

a. In the ePolicy Orchestrator 4.0 console, click Configuration.

b. On the Extensions tab, click Install extension.

c. Browse to the location containing EPOAGENTMETA.zip, select it and click OK. The Install

Extensions summary page appears.

d. Click OK to complete the installation of the extension.

3. Using the ePolicy Orchestrator 4.0 console, check in the agent package to the Current (default)

repository branch.

4. Create an installation package:

a. In the ePolicy Orchestrator 4.0 console, click Systems.

b. At the bottom of the System Tree, click New Systems.

c. Select Create and download the agent installation package.

d. Deselect Use Credentials.

e. Click OK. The Download file dialog box opens.

f. Select FramePkg.exe and save it to the desktop.

5. Note the location of the downloaded FramePkg.exe to identify it when using your third-party

deployment system. You can add parameters and switches as allowed by your deployment

system. For a list of available parameters, see

Installing, upgrading and uninstalling using

Windows command-line switches.

Upgrading

This section provides instructions for upgrading the agent from versions 3.5.5 and 3.6 to McAfee Agent

4.0.

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Upgrading on Windows using FramePkg_upd.exe
You must have administrator rights to perform this task.
1.  Download and extract the Patch 2 agent package, MA400P2WIN.zip, to a temporary location.
2.  Copy FramePkg_upd.exe to a location on the target client.
3.  From the command line on the client, type <path> /FramePkg_upd.exe /upgrade, where <path> 
is the location containing the copied file. This command is the equivalent of double-clicking 
FramePkg_upd.exe in the folder containing the installation package.
Installing, upgrading and uninstalling using Windows command-line switches
This section describes using selected command-line and MSI parameters to specify installation and 
upgrading preferences. Use the list of tasks as a menu from which to select those that suit your 
circumstances and preferences.
Tasks 
●     Installing the agent and data in their default locations using default site list and key information
●     Installing the agent in specified folders
●     Installing the agent with user-selected policies
●     Installing the agent and specifying the log folder
●     Installing the agent with user-selected site information and user-selected keys
●     Installing the agent by force
●     Installing without requiring specific user privileges
●     Installing silently
●     Installing with specification of interface and log file language
●     Upgrading agent to a new version
●     Uninstalling the agent
●     Converting from unmanaged mode to managed mode
●     Converting from managed mode to unmanaged mode
●     Changing server
Installing the agent and data in their default locations using default site list and key 
information
Use this command to install the agent, site list and keys in their default locations. This command is the 
equivalent of double-clicking the program file in the installation package.
framepkg.exe
Installing the agent in specified folders
Use this command to install the agent in a folder other than the default. The example shown here 
specifies a folder for the installation files (instdir) and a folder for the data files (datadir). These can be 
the same or different folders.
framepkg.exe /install=agent /instdir=<target folder name> /datadir=<target folder name>
Installing the agent with user-selected policies

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

Use this command for installation and upgrade to include policies selected by the administrator rather

than the default policies.

framepkg.exe /install=agent /agentpolicy=<full path of user-defined server.xml file>

Note: Policies are stored in the server.xml file.

The following steps illustrate how to create a server.xml file:

1. Configure the policies on an ePolicy Orchestrator server.

2. Enforce the policies on a selected client. The client’s server.xml file now includes the user-selected

policies. The server.xml can be found on the client at Documents and Settings\All Users

\Application Data\McAfee\Common Framework.

3. Copy the new server.xml file from the client to a shared location.

Installing the agent and specifying the log folder

Use this command to install the agent in its default location and specify a log file other than the default

log file as the record of the agent’s activities.

framepkg.exe /install=agent /logdir=<target folder name>

Note: The /logdir parameter can be appended to other installation commands.

Installing the agent with user-selected site information and user-selected keys

Use this command to install the agent and specify a site list file and security keys (srpubkey.bin and

reqseckey.bin) other than the defaults. This command is useful when upgrading an agent using

FramePkg_upd.exe. It specifies the server with which the agent communicates, irrespective of the site

information embedded in the original installation package.

framepkg.exe /install=agent /siteinfo=<full path of sitelist.xml>

The security keys must be located in the same folder as the site list. Use ePolicy Orchestrator to export

the files:

1. Export the Sitelist file:

a. Select Software | Master Repository.

b. Click Export Sitelist.

c. Save the file to a new location.

2. Export the security keys:

a. Select Configuration | Server Settings | Security Keys, and click Edit.

b. Select Master Agent-server secure communication key, and click Export.

c. Save the files to the same location as the Sitelist file.

Installing the agent by force

Use this command to delete the currently installed agent and force install a different agent only when:

● Downgrading to an earlier version of the agent.

● Changing the names of the folders that contain the agent.

● Restoring the agent’s settings to a default state.

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

framepkg.exe /install=agent /forceinstall

Note: McAfee strongly advises that you only use /forceinstall to install the McAfee Agent under the

conditions stated above, because the command:

●

Deletes current program files and restores data files to a default state. As a result, all user-

configured repositories and user-created tasks are lost.

●

Removes the currently installed agent and introduces the risk that installation of the replacement

agent could fail. As a result, one or more systems could have no agent at all.

●

Sometimes requires a restart of the system.

Installing without requiring specific user privileges

Use this command to allow all users access to agent files and registry, regardless of their user privileges.

framepkg.exe /install=agent /defaultpermissions

Installing silently

Use this command to install the agent without displaying information dialog boxes on the client.

framepkg.exe /install=agent /s or framepkg.exe /install=agent /silent

Installing with specification of interface and log file language

Use this command to install the agent and specify a language other than the target computer’s native

language.

framepkg.exe /install=agent /uselanguage=<language code>

Language codes are:

Language Code

Chinese (Simplified) 0804

Chinese (Traditional) 0404

Dutch 0413

English 0409

French 040C

German 0407

Italian 0410

Japanese 0411

Korean 0412

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

Polish 0415

Portuguese 0416

Spanish 040A

Swedish 041D

Note: To restore the computer’s native language, type /resetlanguage

Upgrading the agent to a new version

Use either of these commands to upgrade the agent to a new version.

framepkg_upd.exe or framepkg.exe /upgrade

Using these commands is the equivalent of double-clicking FramePkg_upd.exe in the installation package.

Uninstalling the agent

Some managed products, such as McAfee VirusScan Enterprise and McAfee Host Intrusion Prevention,

incorporate their own copies of the agent.

● Disconnect the agent from its ePO server, and if there are no point-products using it for updating,

remove it completely:

frminst.exe /remove=agent

● Remove the agent completely, but only if it is not connected to an ePO server and no point-

products are using it for updating:

frminst.exe /uninstall

● Remove the agent completely, even if it is connected to an ePO server or point-products are using

it for updating:

frminst.exe /forceuninstall

Converting from unmanaged mode to managed mode

Use this task to convert a client currently operating in unmanaged mode to managed mode.

If the sitelist.xml file is from ePolicy Orchestrator 4.0.0 or later, the security keys must be located in the

same folder as the site list.

frminst.exe /install=agent /siteinfo=<full path of target server’s sitelist.xml file>

Converting from managed mode to unmanaged mode

Use this task to convert a client currently operating in managed mode to unmanaged mode.

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

frminst.exe /remove=agent

Changing server

Use this task to change the server with which a client communicates.

The security keys must be located in the same folder as the site list.

frminst.exe /siteinfo=<full path of target server’s sitelist.xml file>

Allowing users to configure proxy settings

Laptop users of Windows can configure proxy settings for downloading McAfee VirusScan Enterprise

updates while in the field. This requires making changes in the ePolicy Orchestrator console and in the

VirusScan console. The ePolicy Orchestrator changes must be completed before making the VirusScan

changes.

Tasks

● Changes in the ePolicy Orchestrator console

● Changes in the VirusScan console

Changes in the ePolicy Orchestrator console

You must have ePolicy Orchestrator administrator rights to perform this task.

1. Select Systems | System Tree and select or create the systems where proxy settings are to be

allowed.

2. Select Systems | Policy Catalog.

3. In the Product field, select McAfee Agent.

4. In the Category field, select General.

5. Select a policy (for example, “My Default”) and click “Edit.”

6. Click Proxy.

7. Select “Use Internet Explorer settings (Windows only),” then select “Allow user to configure proxy

settings.” The new policy is enforced at the next agent-to-server communication interval (ASCI).

Alternatively, you can trigger enforcement by invoking an agent wake-up call. See the ePolicy

Orchestrator Product Guide for instructions.

Changes in the VirusScan console

Any remote user who can access VirusScan Enterprise can perform this task.

1. From the Tools menu of the VirusScan Console, select Edit AutoUpdate Repository List.

2. Select the Proxy settings tab.

3. Select “Use Internet Explorer settings (Windows only),” then select “Allow user to configure proxy

settings.”

4. Click Configure, then supply the required HTTP or FTP information, then click OK.

Finding documentation for McAfee enterprise products

1. Go to the McAfee ServicePortal (mysupport.mcafee.com) and, under Support by Reading, click

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

Product Documentation.

2. Select a Product.

3. Select a Version.

4. Select a product document.

License attributions

This product includes or may include:

Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). |

Cryptographic software written by Eric A. Young and software written by Tim J. Hudson | Some software

programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or

other similar Free Software licenses which, among other rights, permit the user to copy, modify and

redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires

that for any software covered under the GPL, which is distributed to someone in an executable binary

format, that the source code also be made available to those users. For any such software covered under

the GPL, the source code is made available on this CD. If any Free Software licenses require that McAfee

provide rights to use, copy or modify a software program that are broader than the rights granted in this

agreement, then such rights shall take precedence over the rights and restrictions herein. * Software

W. Sauder. | Software developed by the Apache Software Foundation (http://www.apache.org/). A copy

of the license agreement for this software can be found at www.apache.org/licenses/LICENSE-2.0.txt. |

CrystalClear Software, Inc. | FEAD® Optimizer® technology, Copyright Netopsystems AG, Berlin,

copyrighted by Gunnar Ritter. | Software copyrighted by Sun Microsystems, Inc., 4150 Network Circle,

extreme.indiana.edu/). | Software copyrighted by International Business Machines Corporation and

| Software developed by Ralf S. Engelschall <[email protected]> for use in the mod_ssl project

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)

with code derived from software contributed to Berkeley by Chris Torek.

No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or

translated into any language in any form or by any means without the written permission of McAfee, Inc.,

or its suppliers or affiliate companies.

TRADEMARK ATTRIBUTIONS

AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD,

MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS,

SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered

trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee

Red in connection with security is distinctive of McAfee brand products. All other registered and

unregistered trademarks herein are the sole property of their respective owners.

LICENSE INFORMATION

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO

THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE

USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE

ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER

DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED

SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE

AVAILABLE ON THE WEB-SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO

NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE.

IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL

REFUND.

McAfee AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009 Release note

Brand: McAfee

Model: AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009

Type: Release note

This manual is also suitable for

Agent 4.0

Download PDF

report

McAfee AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009 Release note

This manual is also suitable for

McAfee AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009 Release note

Related papers

Other documents