McAfee AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009 Release note

Type
Release note

This manual is also suitable for

Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Release Notes for McAfee Agent 4.0 Patch 2 (Windows)
Thank you for using McAfee Agent software version 4.0. This document contains important information
about this release. We strongly recommend that you read the entire document.
Contents
About this release
System requirements
Rating
Purpose
Known issues
Resolved issues
Installation instructions
Allowing users to configure proxy settings
Finding release notes and documentation for McAfee enterprise products
License attributions
About this release
Patch Release: March 10, 2009
Patch Package: 4.0.0.1421
This release was developed for use with:
Data Loss Prevention 2.1 and 2.2
Endpoint Encryption for Files and Folders 3.1.0
Endpoint Encryption for PC 5.1.5
ePolicy Orchestrator 3.6.1 and 4.0
McAfee Anti-Spam for GroupShield 7.0
McAfee Encrypted USB 1.0
McAfee VDisk for Windows 4.1.0
Host Intrusion Prevention (Windows only) 7.0
Network Access Control 2.0, 2.5, and 3.0
Policy Auditor 5.0, 5.0.1 and 5.1
PortalShield 1.0 and 2.0
Safeboot Encrypted USB 1.0
Safeboot Endpoint Encryption for File and Folder (Content Encryption) 3.1.0
Safeboot Endpoint Encryption for PC (Device Encryption) 5.1.5
Safeboot VDisk for Windows 4.1.0
SecurityShield 1.0
SiteAdvisor Enterprise 1.5, 1.6. and 2.0
System Compliance Profiler 1.1 and 2.0
VirusScan Enterprise 8.0i, 8.5i (Patch 7 and above), and 8.7i (with AntiSpyware Enterprise)
Make sure you have installed the correct version(s) before using this release.
System requirements
This section specifies the system requirements for McAfee Agent 4.0.
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Installed disk space — 14–17 MB, including log files
Memory — 128 MB RAM minimum, 256 MB RAM recommended
Processor — Intel or compatible; Intel Pentium or Celeron (recommended); Itanium 2 processors.
Processor speed — 133 MHz minimum
Operating system:
Windows 2000 Professional, SP 4
Windows 2000 Server, SP 4
Windows 2000 Advanced Server, SP 4
Windows 2000 Datacenter Server, SP 4
Windows 2003 Server, Standard Edition, SP 1 or 2
Windows 2003 Server, Enterprise Edition, SP 1 or 2
Windows 2003 Server R2, Standard Edition, SP 1 or 2
Windows 2003 Server R2, Enterprise Edition, SP 1 or 2
Windows 2003 Server, Standard x64 Edition, SP 1 or 2
Windows 2003 Server, Enterprise x64 Edition, SP 1 or 2
Windows 2003 Server R2, Standard x64 Edition, SP 1 or 2
Windows 2003 Server R2, Enterprise x64 Edition, SP 1 or 2
Windows XP Embedded
Windows XP Home, SP 1 and 2
Windows XP Professional, SP 1, 2, and 3
Windows XP Professional, x64 SP 2
Windows XP Tablet PC 2005
Windows Vista, SP 1
Windows Vista x64, SP 1
Windows Server 2008
Windows Server 2008 x64
This release does not support Windows 95, Windows 98, Windows Millennium Edition or Windows
NT.
The McAfee Security single tray icon does not appear on 64-bit systems.
Rating
McAfee recommends this release for all environments. This update should be applied at the earliest
convenience. For more information, see KB article KB51560.
Purpose
This document supplements the McAfee Agent 4.0 Readme file in the release package, and details fixes
included in McAfee Agent 4.0 Patch releases.
This Patch contains a variety of improvements. McAfee has spent a significant amount of time finding,
fixing, and testing the fixes in this release. Please review the Known and Resolved Issues lists for
additional information on the individual issues.
Refer to online KnowledgeBase article KB60681 at http://knowledge.mcafee.com for the most current
information regarding this release.
Known issues
Known issues in this release of the software are described below:
Issue: On systems with EMC’s Power Path software installed, the McAfee Agent fails to start and
the error message “Cannot generate keypair” appears in the Agent_<system name> log file.
(Reference: 452955, 436864, 445158, 447296, 451228, 437592 )
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Workaround: The McAfee Agent must be rolled back to Common Management Agent version
3.6.0 Patch 4 for the systems with EMC's Power Path software installed.
Resolved issues
Issues that are resolved in this release are listed below.
1. Issue: The error message “Failed >> Setting naInet transfer option RelativePath =” appeared in
the McScript and Aviview log files when a UNC repository when it was defined without a
subdirectory following a share name. For example, the definition “\\server\share\directory”
worked as expected, but the definition “\\server\share” caused the error message to appear. The
download would work correctly in spite of this error message. (Reference: 391232, 455183)
Resolution: UNC repositories can now be defined with or without specifying a subdirectory.
2. Issue: When a UNC repository was configured to use download credentials and to use ping time
repository sorting, and the UNC repository was inaccessible for pinging, the McAfee Agent
might run with lowered privileges. When this occurred, the error message “Permission
denied” appeared in the Agent_ log file when the McAfee Agent attempted to write to the registry.
(Reference: 416303, 417404, 432919, 432931)
Resolution: The UNC Repository Updater process now continues to run under the System user’s
credentials when a UNC repository cannot be reached during the ping time sorting process.
3. Issue: When UNC repositories were configured to use the download credentials of the logged-on
user and the logged-on user was not an Administrator, the download would fail. (Reference:
418162, 424677, 425454, 437584, 458651, 466124, 466186)
Resolution: The UNC Repository Updater process now allows UNC replication using the logged-on
user’s credentials.
4. Issue: The download of a product deployment process could fail when an earlier version of the
product had been deployed. (Reference: 421222)
Resolution: The product deployment process has been updated to consistently detect and deploy
updated products.
5. Issue: Updates via a UNC repository would fail on 64-bit systems when the update was
configured to use the credentials of the logged-on user. When this occurred, the error message
“Failed to steal Explorer token” would appear in the Agent_<system name> log file. (Reference:
429292)
Resolution: The UNC Repository Updater process now runs on 64-bit operating systems when
defined to use download credentials.
6. Issue: During the repository download process when the download of a product failed and a
subsequent download of a different product succeeded, the download session was treated as a
success and not retried using the next repository. (Reference: 429950, 429759)
Resolution: The repository download process has been updated to retry the entire update from
the next repository when any products fail to download.
7. Issue: The McAfee Agent no longer provided an embedded credential installation package option.
(Reference: 432427)
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Resolution: An embedded credential installation package is now available through McAfee Tier III
Support. For information on obtaining this package, see KB article KB59954.
8. Issue: Requesting updates from the ePolicy Orchestrator server through HTTP resulted in a large
number of “client denied by server configuration…” error messages to be incorrectly reported in
the server log file. (Reference: 433704)
Resolution: The HTTP connection process has been updated to avoid creating this error message
incorrectly.
9. Issue: During the deployment of Host Intrusion Prevention, the product detection script would
prematurely end when the Host Intrusion Prevention service was not registered. (Reference:
436914)
Resolution: The script engine has been updated to properly detect and report unregistered
services as an error rather than exiting.
10. Issue: Non-English versions of the McAfee Agent could fail to apply incremental DAT updates, and
instead download the full DAT package, resulting in unnecessary network bandwidth consumption.
(Reference: 439397, 441679, 443381)
Resolution: The DAT update process has been updated to ensure that non-English versions apply
incremental updates correctly.
11. Issue: The error message “File is corrupt. Downloading complete file again.” would be incorrectly
written to the McScript log file during the update process. (Reference: 440080, 445479)
Resolution: The update process has been updated to record this error message only when the
file download process detects a corrupt file.
12. Issue: After a successful update of a DAT file, a temporary copy of the DAT package would not be
deleted from the McAfee Agent data directory, resulting in unnecessary disk space consumption.
(Reference: 440930)
Note: This issue could consume all of a system's available disk space.
Resolution: The DAT update process now deletes the DAT package after a successful update.
13. Issue: The McAfee Agent upgrade process would fail to install when it could not successfully
terminate the currently running version, resulting in a McAfee Agent that failed to start.
(Reference: 441182)
Resolution: The McAfee Agent upgrade process has been updated so that if it detects that the
currently installed version cannot be stopped, it quits and leaves the currently running version of
the McAfee Agent operational.
14. Issue: The error log file did not “roll over,” resulting in unnecessary disk space consumption.
(Reference: 449107, 449111, 449341, 450554, 462905)
Note: This issue could consume all of a system's available disk space.
Resolution: The error log file now “rolls over” in the same manner as the Agent_<system name>
log file.
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Note: When writing a message to the error log file, the size of the current file is checked. If the
size equals or exceeds the file size limit set in the registry, the following actions will occur:
If the backup file (Agent_<system name>_backup.log) exists in the target folder, it is
deleted.
The current file (Agent_<system name>.log) is renamed as the backup file.
A new current file is created and the message is written in this file.
15. Issue: When the Internet Explorer setting “Automatically detect settings” is selected and “Use a
proxy server for your LAN” is not selected, an automated configuration script caused the update
process to fail. (Reference: 450058, 451906, 452028, 461210, 463930)
Resolution: The update process now runs as expected, independent of these Internet Explorer
settings.
Issues from the Patch 1 release of the software that are resolved in this release are listed below.
1. Issue: An update dialog box appeared in English rather than the non-English language running on
the system. (Reference: 389523)
Resolution: Update dialog boxes now appear in the language running on the system.
2. Issue: When using the “/forceinstall” switch and only changing the data (/datadir=<new folder>)
folder, the upgrade process did not remove the old data folder and used the new folder.
(Reference: 393182)
Resolution: Now when using the “/forceinstall” switch and changing the data (/datadir=<new
folder>) folder, the upgrade process removes the old data folder and uses the new folder.
3. Issue: When the AgentEvents folder was missing, the upgrade process failed. (Reference:
393764)
Resolution: Now the upgrade process creates the AgentEvents folder when it is missing.
4. Issue: Managed product installation routines were executed each time a deployment task ran on
systems that used a language other than English. (Reference: 399232)
Resolution: Managed product installation routines now execute only when necessary.
5. Issue: If the installation or data folder contained a double-byte character, the upgrade process
failed. (Reference: 404111)
Resolution: Now the installation and data folders can contain non-English characters.
6. Issue: When executing the VirusScan update process (mcupdate.exe) with the “/update” and “/
quiet” switches, an upgrade dialog box would still be displayed. (Reference: 405004)
Resolution: The VirusScan update process now honors the “/quiet” switch.
7. Issue: The upgrade process was checking for the existence of the “My Favorites” and “Fonts”
folders. If they were not present, the upgrade failed. (Reference: 405314)
Resolution: The upgrade process no longer requires the “My Favorites” and “Fonts” folders to be
present.
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
8. Issue: When an error occurred during Host Intrusion Prevention policy enforcement, the system
could be “locked out of the network”. (Reference: 406896)
Resolution: Now the ePolicy Orchestrator server connection information (server IP, name and
port, and incoming agent wake-up port) is recorded. This allows Host Intrusion Prevention to
create specific rules that allow communication to and from the ePolicy Orchestrator server, even
in the absence of Host IPS policies.
9. Issue: The name of the ePO server the system last communicated with appears in the XML log
file. The value is initially blank and remained blank for a period of time after the first
communication. (Reference: 407154)
Resolution: The name of the ePO server the system last communicated with now appears
immediately after the last server communication.
10. Issue: The McAfee Agent deployed managed products to Microsoft Vista or Windows Server 2008
that were not supported on these platforms. (Reference: 408989)
Resolution: Managed products are now deployed only to their supported platforms.
11. Issue: The Mirror task created a duplicate repository, but it failed to copy the sitestat.xml file.
This caused the duplicate repository to remain disabled. (Reference: 409637)
Resolution: The Mirror task now copies the sitestat.xml file to the duplicated repository.
12. Issue: During a managed product update, a dialog box could be presented requesting a system
reboot. The dialog box asked the user if they wanted to reboot now and rebooted the system even
when the user selected “No”. (Reference: 410573)
Resolution: The managed product update process now honors the user's selected reboot
response.
13. Issue: Certain dates, such as leap years, were recorded incorrectly in the Agent_<system name>.
xml log file. (Reference: 413415)
Resolution: All dates are now recorded correctly in the Agent_<system name>.xml log file.
14. Issue: The McAfee Agent only updated the VirusScan engine if the minor version was newer than
what was installed. This prevented the VirusScan engine from updating to a newer build of the
same version. (Reference: 414065)
Resolution: The McAfee Agent now supports build-to-build VirusScan engine updates.
15. Issue: The installation and upgrade processes failed if the data folder was located in the
“Windows” or “WinNT” folders. (Reference: 415578)
Resolution: Now the installation and upgrade processes allow the data folder to be located in the
“Windows” or “WinNT” folders with the exception of the system32 folder. The installation and
upgrade processes prohibit the data folder from including the system32 folder.
16. Issue: Some non-McAfee product installation routines removed critical registry entries, such as
the Windows IStream COM registration, causing the McAfee Agent to fail. (Reference: 416298)
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Resolution: The upgrade process now re-registers the ole32.dll file when it detects it is missing.
17. Issue: The installation and upgrade processes failed if the installation or data folders contained
double-byte characters. (Reference: 416559)
Resolution: The installation and upgrade processes now allow the installation and data folders to
contain double-byte characters.
18. Issue: Several install and uninstall error messages made no sense when displayed on a Japanese
language system. (Reference: 418729)
Resolution: The upgrade process now displays meaningful install and uninstall error messages on
a Japanese language system.
19. Issue: On systems running VirusScan Enterprise version 8.0 the McAfee Agent did not remove
the Temp files created during the execution of an “Agent Update Task”. (Reference: 419066)
Resolution: The McAfee Agent now removes the Temp files created during the execution of an
“Agent Update Task”.
Note: This change does not remove the Temp files created during the execution of an “Agent
Update Task” prior to implementing this patch.
20. Issue: During Policy Enforcement, when the McAfee Agent failed to compile the policy file, the
policy enforcement failed and the agent crashed on the next Policy Enforcement. (Reference:
423070)
Resolution: The McAfee Agent now detects failed Policy Enforcements and retries the policy
compilation until it completes successfully.
21. Issue: DAT updates were postponed indefinitely and the message “Update will be retried after 3
mins because update is already in progress” appeared repeatedly in the agent log file. (Reference:
424203)
Resolution: The DAT update process now terminates properly when it detects an error in an FTP
transaction.
22. Issue: In environments running the Early Adopter Release (November 11, 2008) the “/
forceinstall” switch did not work when applied against the MA 4.0 Patch 1 package generally
available for download. (Reference: 454619)
Resolution: The MA 4.0 Patch 1 package has been updated allowing the “/forceinstall” switch to
work as expected.
Issues previously resolved in the policy (Extension) pages are listed below.
1. Issue: When a repository was added for one site, the user had to go to every other site and turn
off the repository in the agent policies. In environments with a large number of repositories, this
was very labor intensive. (Reference: 239994)
Resolution: A checkbox has been added to “Agent Policy on Repository Page” that allows new
repositories to be excluded by default. Now when a repository is added and the new checkbox is
checked, the new repository is added to the disable list for each of the existing repositories.
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
2. Issue: In environments with a large number of repositories, the policy page required several
minutes to load. (Reference: 372087)
Resolution: The policy page now loads in a much more reasonable amount of time.
Installation instructions
This section provides instructions for installing and upgrading McAfee Agent 4.0 for use with ePolicy
Orchestrator versions 3.6.x and 4.0.
Tasks
Installing on ePolicy Orchestrator 3.6.x systems
Installing on ePolicy Orchestrator 4.0 systems
Upgrading
Installing, upgrading and uninstalling using Windows command-line switches
Installing on ePolicy Orchestrator 3.6.x systems
This section provides instructions for installing McAfee Agent 4.0 for use with ePolicy Orchestrator version
3.6.x on each of the supported operating systems.
You must have administrator rights to perform this task.
1. Download and extract the agent package, MA400P2WIN.zip.
2. Check in the NAP file, CMA360.nap, from the extracted agent package to the ePolicy Orchestrator
repository.
3. Check in the agent package to the ePolicy Orchestrator repository.
4. Use one of these methods to install the agent on client systems:
Push an agent using the Send Agent Install option.
For third-party deployment methods, create an agent installation package, FramePkg.exe,
using the Agent Installation Package Creation wizard.
Create a deployment task.
Installing on ePolicy Orchestrator 4.0 systems
This section provides instructions for installing McAfee Agent 4.0 for use with ePolicy Orchestrator 4.0 on
Windows using two different methods.
Tasks
Installing on Windows using ePolicy Orchestrator 4.0
Installing on Windows using third-party deployment methods
Installing on Windows using ePolicy Orchestrator 4.0
You must have administrator rights on the Windows system to perform this task. The agent extension
must be installed on the ePolicy Orchestrator server before the agent is installed on any clients.
1. Download the current agent extension, EPOAGENTMETA.zip, and the Patch 2 agent package,
MA400P2WIN.zip, to the system containing the ePolicy Orchestrator server.
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
2. Install the agent extension:
a. In the ePolicy Orchestrator 4.0 console, click Configuration.
b. On the Extensions tab, click Install extension.
c. Browse to the location containing EPOAGENTMETA.zip, select it and click OK. The Install
Extensions summary page appears.
d. Click OK to complete the installation of the extension.
3. Check in the agent package to the ePolicy Orchestrator repository:
Note: If installing on a computer running Common Management Agent 3.6, the package must be
checked in to the Current repository branch.
a. In the ePolicy Orchestrator 4.0 console, click Software.
b. Click Check In Package.
c. Browse to the location containing MA400P2WIN.zip, select it and click Next.
d. Ensure that Current is selected in the Branch field.
e. Click Save.
4. Create a deployment task or push the agent to client systems. If using the push method, follow
these steps:
a. In the ePolicy Orchestrator 4.0 console, click Systems.
b. Select the target systems or groups.
c. Click Deploy Agent.
d. Select the version of the agent to be deployed.
e. Type valid credentials in the Domain, User name, and Password fields.
f. Click OK.
Installing on Windows using third-party deployment methods
The agent extension must be installed on the ePolicy Orchestrator server before the agent is installed on
any clients.
Tip: This task requires the creation of an agent installation package, FramePkg.exe (see Step 4).
Installation of the package requires administrator rights.
1. Download the current agent extension, EPOAGENTMETA.zip, and the Patch 2 agent package,
MA400P2WIN.zip, to the system containing the ePolicy Orchestrator server.
2. Install the agent extension:
a. In the ePolicy Orchestrator 4.0 console, click Configuration.
b. On the Extensions tab, click Install extension.
c. Browse to the location containing EPOAGENTMETA.zip, select it and click OK. The Install
Extensions summary page appears.
d. Click OK to complete the installation of the extension.
3. Using the ePolicy Orchestrator 4.0 console, check in the agent package to the Current (default)
repository branch.
4. Create an installation package:
a. In the ePolicy Orchestrator 4.0 console, click Systems.
b. At the bottom of the System Tree, click New Systems.
c. Select Create and download the agent installation package.
d. Deselect Use Credentials.
e. Click OK. The Download file dialog box opens.
f. Select FramePkg.exe and save it to the desktop.
5. Note the location of the downloaded FramePkg.exe to identify it when using your third-party
deployment system. You can add parameters and switches as allowed by your deployment
system. For a list of available parameters, see
Installing, upgrading and uninstalling using
Windows command-line switches.
Upgrading
This section provides instructions for upgrading the agent from versions 3.5.5 and 3.6 to McAfee Agent
4.0.
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Upgrading on Windows using FramePkg_upd.exe
You must have administrator rights to perform this task.
1. Download and extract the Patch 2 agent package, MA400P2WIN.zip, to a temporary location.
2. Copy FramePkg_upd.exe to a location on the target client.
3. From the command line on the client, type <path> /FramePkg_upd.exe /upgrade, where <path>
is the location containing the copied file. This command is the equivalent of double-clicking
FramePkg_upd.exe in the folder containing the installation package.
Installing, upgrading and uninstalling using Windows command-line switches
This section describes using selected command-line and MSI parameters to specify installation and
upgrading preferences. Use the list of tasks as a menu from which to select those that suit your
circumstances and preferences.
Tasks
Installing the agent and data in their default locations using default site list and key information
Installing the agent in specified folders
Installing the agent with user-selected policies
Installing the agent and specifying the log folder
Installing the agent with user-selected site information and user-selected keys
Installing the agent by force
Installing without requiring specific user privileges
Installing silently
Installing with specification of interface and log file language
Upgrading agent to a new version
Uninstalling the agent
Converting from unmanaged mode to managed mode
Converting from managed mode to unmanaged mode
Changing server
Installing the agent and data in their default locations using default site list and key
information
Use this command to install the agent, site list and keys in their default locations. This command is the
equivalent of double-clicking the program file in the installation package.
framepkg.exe
Installing the agent in specified folders
Use this command to install the agent in a folder other than the default. The example shown here
specifies a folder for the installation files (instdir) and a folder for the data files (datadir). These can be
the same or different folders.
framepkg.exe /install=agent /instdir=<target folder name> /datadir=<target folder name>
Installing the agent with user-selected policies
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Use this command for installation and upgrade to include policies selected by the administrator rather
than the default policies.
framepkg.exe /install=agent /agentpolicy=<full path of user-defined server.xml file>
Note: Policies are stored in the server.xml file.
The following steps illustrate how to create a server.xml file:
1. Configure the policies on an ePolicy Orchestrator server.
2. Enforce the policies on a selected client. The client’s server.xml file now includes the user-selected
policies. The server.xml can be found on the client at Documents and Settings\All Users
\Application Data\McAfee\Common Framework.
3. Copy the new server.xml file from the client to a shared location.
Installing the agent and specifying the log folder
Use this command to install the agent in its default location and specify a log file other than the default
log file as the record of the agent’s activities.
framepkg.exe /install=agent /logdir=<target folder name>
Note: The /logdir parameter can be appended to other installation commands.
Installing the agent with user-selected site information and user-selected keys
Use this command to install the agent and specify a site list file and security keys (srpubkey.bin and
reqseckey.bin) other than the defaults. This command is useful when upgrading an agent using
FramePkg_upd.exe. It specifies the server with which the agent communicates, irrespective of the site
information embedded in the original installation package.
framepkg.exe /install=agent /siteinfo=<full path of sitelist.xml>
The security keys must be located in the same folder as the site list. Use ePolicy Orchestrator to export
the files:
1. Export the Sitelist file:
a. Select Software | Master Repository.
b. Click Export Sitelist.
c. Save the file to a new location.
2. Export the security keys:
a. Select Configuration | Server Settings | Security Keys, and click Edit.
b. Select Master Agent-server secure communication key, and click Export.
c. Save the files to the same location as the Sitelist file.
Installing the agent by force
Use this command to delete the currently installed agent and force install a different agent only when:
Downgrading to an earlier version of the agent.
Changing the names of the folders that contain the agent.
Restoring the agent’s settings to a default state.
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
framepkg.exe /install=agent /forceinstall
Note: McAfee strongly advises that you only use /forceinstall to install the McAfee Agent under the
conditions stated above, because the command:
Deletes current program files and restores data files to a default state. As a result, all user-
configured repositories and user-created tasks are lost.
Removes the currently installed agent and introduces the risk that installation of the replacement
agent could fail. As a result, one or more systems could have no agent at all.
Sometimes requires a restart of the system.
Installing without requiring specific user privileges
Use this command to allow all users access to agent files and registry, regardless of their user privileges.
framepkg.exe /install=agent /defaultpermissions
Installing silently
Use this command to install the agent without displaying information dialog boxes on the client.
framepkg.exe /install=agent /s or framepkg.exe /install=agent /silent
Installing with specification of interface and log file language
Use this command to install the agent and specify a language other than the target computer’s native
language.
framepkg.exe /install=agent /uselanguage=<language code>
Language codes are:
Language Code
Chinese (Simplified) 0804
Chinese (Traditional) 0404
Dutch 0413
English 0409
French 040C
German 0407
Italian 0410
Japanese 0411
Korean 0412
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Polish 0415
Portuguese 0416
Spanish 040A
Swedish 041D
Note: To restore the computer’s native language, type /resetlanguage
Upgrading the agent to a new version
Use either of these commands to upgrade the agent to a new version.
framepkg_upd.exe or framepkg.exe /upgrade
Using these commands is the equivalent of double-clicking FramePkg_upd.exe in the installation package.
Uninstalling the agent
Some managed products, such as McAfee VirusScan Enterprise and McAfee Host Intrusion Prevention,
incorporate their own copies of the agent.
Disconnect the agent from its ePO server, and if there are no point-products using it for updating,
remove it completely:
frminst.exe /remove=agent
Remove the agent completely, but only if it is not connected to an ePO server and no point-
products are using it for updating:
frminst.exe /uninstall
Remove the agent completely, even if it is connected to an ePO server or point-products are using
it for updating:
frminst.exe /forceuninstall
Converting from unmanaged mode to managed mode
Use this task to convert a client currently operating in unmanaged mode to managed mode.
If the sitelist.xml file is from ePolicy Orchestrator 4.0.0 or later, the security keys must be located in the
same folder as the site list.
frminst.exe /install=agent /siteinfo=<full path of target server’s sitelist.xml file>
Converting from managed mode to unmanaged mode
Use this task to convert a client currently operating in managed mode to unmanaged mode.
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
frminst.exe /remove=agent
Changing server
Use this task to change the server with which a client communicates.
The security keys must be located in the same folder as the site list.
frminst.exe /siteinfo=<full path of target server’s sitelist.xml file>
Allowing users to configure proxy settings
Laptop users of Windows can configure proxy settings for downloading McAfee VirusScan Enterprise
updates while in the field. This requires making changes in the ePolicy Orchestrator console and in the
VirusScan console. The ePolicy Orchestrator changes must be completed before making the VirusScan
changes.
Tasks
Changes in the ePolicy Orchestrator console
Changes in the VirusScan console
Changes in the ePolicy Orchestrator console
You must have ePolicy Orchestrator administrator rights to perform this task.
1. Select Systems | System Tree and select or create the systems where proxy settings are to be
allowed.
2. Select Systems | Policy Catalog.
3. In the Product field, select McAfee Agent.
4. In the Category field, select General.
5. Select a policy (for example, “My Default”) and click “Edit.”
6. Click Proxy.
7. Select “Use Internet Explorer settings (Windows only),” then select “Allow user to configure proxy
settings.” The new policy is enforced at the next agent-to-server communication interval (ASCI).
Alternatively, you can trigger enforcement by invoking an agent wake-up call. See the ePolicy
Orchestrator Product Guide for instructions.
Changes in the VirusScan console
Any remote user who can access VirusScan Enterprise can perform this task.
1. From the Tools menu of the VirusScan Console, select Edit AutoUpdate Repository List.
2. Select the Proxy settings tab.
3. Select “Use Internet Explorer settings (Windows only),” then select “Allow user to configure proxy
settings.”
4. Click Configure, then supply the required HTTP or FTP information, then click OK.
Finding documentation for McAfee enterprise products
1. Go to the McAfee ServicePortal (mysupport.mcafee.com) and, under Support by Reading, click
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Product Documentation.
2. Select a Product.
3. Select a Version.
4. Select a product document.
License attributions
This product includes or may include:
Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). |
Cryptographic software written by Eric A. Young and software written by Tim J. Hudson | Some software
programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or
other similar Free Software licenses which, among other rights, permit the user to copy, modify and
redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires
that for any software covered under the GPL, which is distributed to someone in an executable binary
format, that the source code also be made available to those users. For any such software covered under
the GPL, the source code is made available on this CD. If any Free Software licenses require that McAfee
provide rights to use, copy or modify a software program that are broader than the rights granted in this
agreement, then such rights shall take precedence over the rights and restrictions herein. * Software
originally written by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer. | Software
originally written by Robert Nordier, Copyright © 1996-7 Robert Nordier. | Software written by Douglas
W. Sauder. | Software developed by the Apache Software Foundation (http://www.apache.org/). A copy
of the license agreement for this software can be found at www.apache.org/licenses/LICENSE-2.0.txt. |
International Components for Unicode (“ICU”) Copyright © 1995-2002 International Business Machines
Corporation and others. | Software developed by CrystalClear Software, Inc., Copyright © 2000
CrystalClear Software, Inc. | FEAD® Optimizer® technology, Copyright Netopsystems AG, Berlin,
Germany. | Outside In® Viewer Technology © 1992-2001 Stellent Chicago, Inc. and/or Outside In®
HTML Export, © 2001 Stellent Chicago, Inc. | Software copyrighted by Thai Open Source Software Center
Ltd. and Clark Cooper, © 1998, 1999, 2000. | Software copyrighted by Expat maintainers. | Software
copyrighted by The Regents of the University of California, © 1996, 1989, 1998-2000. | Software
copyrighted by Gunnar Ritter. | Software copyrighted by Sun Microsystems, Inc., 4150 Network Circle,
Santa Clara, California 95054, U.S.A., © 2003. | Software copyrighted by Gisle Aas. © 1995-2003. |
Software copyrighted by Michael A. Chase, © 1999-2000. * Software copyrighted by Neil Winton, ©
1995-1996. | Software copyrighted by RSA Data Security, Inc., © 1990-1992. | Software copyrighted by
Sean M. Burke, © 1999, 2000. | Software copyrighted by Martijn Koster, © 1995. | Software copyrighted
by Brad Appleton, © 1996-1999. | Software copyrighted by Michael G. Schwern, © 2001. | Software
copyrighted by Graham Barr, © 1998. | Software copyrighted by Larry Wall and Clark Cooper, © 1998-
2000. | Software copyrighted by Frodo Looijaard, © 1997. | Software copyrighted by the Python
Software Foundation, Copyright © 2001, 2002, 2003. A copy of the license agreement for this software
can be found at www.python.org. | Software copyrighted by Beman Dawes, © 1994-1999, 2002. |
Software written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G. Siek © 1997-2000 University of Notre
Dame. | Software copyrighted by Simone Bordet & Marco Cravero, © 2002. | Software copyrighted by
Stephen Purcell, © 2001. | Software developed by the Indiana University Extreme! Lab (http://www.
extreme.indiana.edu/). | Software copyrighted by International Business Machines Corporation and
others, © 1995-2003. | Software developed by the University of California, Berkeley and its contributors.
| Software developed by Ralf S. Engelschall <[email protected]> for use in the mod_ssl project
(http:// www.modssl.org/). | Software copyrighted by Kevlin Henney, © 2000-2002. | Software
copyrighted by Peter Dimov and Multi Media Ltd. © 2001, 2002. | Software copyrighted by David
Abrahams, © 2001, 2002. See http://www.boost.org/libs/bind/bind.html for documentation. | Software
copyrighted by Steve Cleary, Beman Dawes, Howard Hinnant & John Maddock, © 2000. | Software
copyrighted by Boost.org, © 1999-2002. | Software copyrighted by Nicolai M. Josuttis, ©1999. |
Software copyrighted by Jeremy Siek, © 1999-2001. | Software copyrighted by Daryle Walker, © 2001.
| Software copyrighted by Chuck Allison and Jeremy Siek, © 2001, 2002. | Software copyrighted by
Samuel Krempp, © 2001. See http://www.boost.org for updates, documentation, and revision history. |
Software copyrighted by Doug Gregor ([email protected]), © 2001, 2002. | Software copyrighted by
Cadenza New Zealand Ltd., © 2000. | Software copyrighted by Jens Maurer, © 2000, 2001. | Software
copyrighted by Jaakko Järvi ([email protected]), © 1999, 2000. | Software copyrighted by Ronald
Garcia, © 2002. | Software copyrighted by David Abrahams, Jeremy Siek, and Daryle Walker, © 1999-
2001. | Software copyrighted by Stephen Cleary ([email protected]), © 2000. | Software
copyrighted by Housemarque Oy <http://www.housemarque.com>, © 2001. | Software copyrighted by
Paul Moore, © 1999. | Software copyrighted by Dr. John Maddock, © 1998-2002. | Software copyrighted
by Greg Colvin and Beman Dawes, © 1998, 1999. | Software copyrighted by Peter Dimov, © 2001,
2002. | Software copyrighted by Jeremy Siek and John R. Bandela, © 2001. | Software copyrighted by
Release Notes for McAfee Agent 4.0.0 Patch 2 (Windows)
Joerg Walter and Mathias Koch, © 2000-2002. | Software copyrighted by Carnegie Mellon University ©
1989, 1991, 1992. | Software copyrighted by Cambridge Broadband Ltd., © 2001-2003. | Software
copyrighted by Sparta, Inc., © 2003-2004. | Software copyrighted by Cisco, Inc and Information
Network Center of Beijing University of Posts and Telecommunications, © 2004. | Software copyrighted
by Simon Josefsson, © 2003. | Software copyrighted by Thomas Jacob, © 2003-2004. | Software
copyrighted by Advanced Software Engineering Limited, © 2004. | Software copyrighted by Todd C.
Miller, © 1998. | Software copyrighted by The Regents of the University of California, © 1990, 1993,
with code derived from software contributed to Berkeley by Chris Torek.
COPYRIGHT
Copyright © 2009 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or
translated into any language in any form or by any means without the written permission of McAfee, Inc.,
or its suppliers or affiliate companies.
TRADEMARK ATTRIBUTIONS
AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD,
MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS,
SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered
trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee
Red in connection with security is distinctive of McAfee brand products. All other registered and
unregistered trademarks herein are the sole property of their respective owners.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO
THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE
USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE
ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER
DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED
SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE
AVAILABLE ON THE WEB-SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO
NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE.
IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL
REFUND.
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16

McAfee AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009 Release note

Type
Release note
This manual is also suitable for

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI