ENS 10.5 Installation

Installation Guide
McAfee Endpoint Security 10.5.0

For use with McAfee ePolicy Orchestrator
COPYRIGHT
2016 Intel Corporation
TRADEMARK ATTRIBUTIONS
Intel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee and the McAfee logo, McAfee Active
Protection, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, McAfee Evader, Foundscore, Foundstone, Global Threat Intelligence,
McAfee LiveSafe, Policy Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, McAfee Shredder, SiteAdvisor, McAfee Stinger, McAfee TechMaster, McAfee
Total Protection, TrustedSource, VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries.
Other marks and brands may be claimed as the property of others.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS
FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU
HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR
SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A
FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET
FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF
PURCHASE FOR A FULL REFUND.
2 McAfee Endpoint Security 10.5.0 Installation Guide

Contents
Preface 5
About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Find product documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1 Product overview 7
Endpoint Security modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Options for installation and upgrades . . . . . . . . . . . . . . . . . . . . . . . . . . 8
New features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
How the product works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
The role of the security management platform . . . . . . . . . . . . . . . . . . . 10
Security management options . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Self-management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Management with McAfee ePO . . . . . . . . . . . . . . . . . . . . . . . . . 11
Management with McAfee ePO Cloud . . . . . . . . . . . . . . . . . . . . . . . 13
Where to go from here . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2 Pre-installation 15
System requirements for Endpoint Security . . . . . . . . . . . . . . . . . . . . . . . 15
Other virus-detection and firewall software . . . . . . . . . . . . . . . . . . . . . . . 17
Preparing to install or upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Preconfiguring the product . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Create custom packages with Endpoint Security Package Designer . . . . . . . . . . . 19
Install custom packages with McAfee ePO . . . . . . . . . . . . . . . . . . . . . 20
Create a custom policy to import . . . . . . . . . . . . . . . . . . . . . . . . 21
Upgrading an existing version of the product . . . . . . . . . . . . . . . . . . . . . . . 22
Are you ready to install? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3 Installation for systems managed with McAfee ePO and McAfee ePO Cloud 25
Installation overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Upgrade the McAfee Agent on McAfee ePO-managed systems . . . . . . . . . . . . . . . . 27
Install the product files on the management server . . . . . . . . . . . . . . . . . . . . 28
Download Endpoint Security content files . . . . . . . . . . . . . . . . . . . . . . . . 29
Deploy to multiple systems with deployment tasks . . . . . . . . . . . . . . . . . . . . 29
Install on local systems with an installation URL . . . . . . . . . . . . . . . . . . . . . 31
Install the product with default settings . . . . . . . . . . . . . . . . . . . . . . 31
Install the product with custom settings . . . . . . . . . . . . . . . . . . . . . 32
Install with an installation URL . . . . . . . . . . . . . . . . . . . . . . . . . 33
Verify the installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Uninstall from systems managed with McAfee ePO or McAfee ePO Cloud . . . . . . . . . . . 34
4 Installation for self-managed systems 37

Installation overview for self-managed systems . . . . . . . . . . . . . . . . . . . . . 37
Upgrade the McAfee Agent on self-managed systems . . . . . . . . . . . . . . . . . . . 38
McAfee Endpoint Security 10.5.0 Installation Guide 3

Contents
Install with the installation wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Install from the command line . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Verify the installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Uninstall from a self-managed system . . . . . . . . . . . . . . . . . . . . . . . . . 40
5 Troubleshooting and reference 43

Troubleshooting installation problems . . . . . . . . . . . . . . . . . . . . . . . . . 43
Test malware detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Using the MER tool for troubleshooting . . . . . . . . . . . . . . . . . . . . . . 43
Resolving error codes and messages . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Using command-line options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
SetupEP command-line options (McAfee ePO and McAfee ePO Cloud deployment tasks) . . 46
SetupEP command-line options (self-managed) . . . . . . . . . . . . . . . . . . 47
ESConfigTool command-line options . . . . . . . . . . . . . . . . . . . . . . 50
Log files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
A Adaptive Threat Protection installation 53

About Adaptive Threat Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Install the product in managed environments . . . . . . . . . . . . . . . . . . . . . . 54
Using Adaptive Threat Protection on managed systems . . . . . . . . . . . . . . . 54
System requirements for Adaptive Threat Protection . . . . . . . . . . . . . . . . 55
Overview of Adaptive Threat Protection installation process . . . . . . . . . . . . . . 56
Download and check in the components to McAfee ePO . . . . . . . . . . . . . . . 57
Deploy Adaptive Threat Protection . . . . . . . . . . . . . . . . . . . . . . . . 58
Verify the deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
What to do after installation . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Uninstall Adaptive Threat Protection . . . . . . . . . . . . . . . . . . . . . . . 59
Install the product on self-managed systems . . . . . . . . . . . . . . . . . . . . . . 60
Using Adaptive Threat Protection on self-managed systems . . . . . . . . . . . . . . 60
System requirements for Adaptive Threat Protection on self-managed systems . . . . . . 60
Overview of Adaptive Threat Protection installation process . . . . . . . . . . . . . . 61
Install Adaptive Threat Protection on the system . . . . . . . . . . . . . . . . . . 61
Verify the installation on self-managed systems . . . . . . . . . . . . . . . . . . 61
What to do after installation . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Uninstall Adaptive Threat Protection on self-managed systems . . . . . . . . . . . . 62
Index 63

Preface
This guide provides the information you need to work with your McAfee product.
Contents
About this guide
Find product documentation
About this guide

This information describes the guide's target audience, the typographical conventions and icons used
in this guide, and how the guide is organized.
Audience
McAfee documentation is carefully researched and written for the target audience.
The information in this guide is intended primarily for:
Administrators People who implement and enforce the company's security program.
Conventions
This guide uses these typographical conventions and icons.
Italic Title of a book, chapter, or topic; a new term; emphasis

Bold Text that is emphasized
Monospace Commands and other text that the user types; a code sample; a displayed message
Narrow Bold Words from the product interface like options, menus, buttons, and dialog boxes
Hypertext blue A link to a topic or to an external website
Note: Extra information to emphasize a point, remind the reader of something, or
provide an alternative method
Tip: Best practice information
Caution: Important advice to protect your computer system, software installation,

network, business, or data
Warning: Critical advice to prevent bodily harm when using a hardware product

Preface

On the ServicePortal, you can find information about a released product, including product
documentation, technical articles, and more.
Task
1 Go to the ServicePortal at https://support.mcafee.com and click the Knowledge Center tab.
2 In the Knowledge Base pane under Content Source, click Product Documentation.
3 Select a product and version, then click Search to display a list of documents.

1 Product overview

McAfee Endpoint Security is a fully integrated security solution that protects servers, endpoint
computer systems, laptops, and tablets against a full spectrum of threats. These threats include
malware, suspicious communications, unsafe websites, and downloaded files. Endpoint Security
intercepts threats, monitors overall system health, and reports detection and status information.
The product can be installed on self-managed (standalone) systems or systems managed by these
security management platforms:
McAfee ePolicy Orchestrator (McAfee ePO ) version 5.1.1 and later

McAfee ePolicy Orchestrator Cloud (McAfee ePO Cloud)

For the latest Endpoint Security management license and entitlement information, see KB87057.
Contents
Endpoint Security modules
Options for installation and upgrades
New features
How the product works
Security management options
Where to go from here
Endpoint Security modules

The administrator configures and installs one or more Endpoint Security modules on client computers.
Threat Prevention Checks for viruses, spyware, unwanted programs, and other threats by
scanning items automatically when users access them or on demand at any time.
Firewall Monitors communication between the computer and resources on the network and the
Internet. Intercepts suspicious communications.
Web Control Displays safety ratings and reports for websites during online browsing and
searching. Web Control enables the site administrator to block access to websites based on safety
rating or content.
Adaptive Threat Protection Analyzes content from your enterprise and decides what to do
based on file reputation, rules, and reputation thresholds.
Adaptive Threat Protection is an optional Endpoint Security module. For additional threat
intelligence sources and functionality, deploy the Threat Intelligence Exchange server. For
information, contact your reseller or sales representative.
Adaptive Threat Protection isn't supported on systems managed by McAfee ePO Cloud.
In addition, the Common module provides settings for common features, such as interface security
and logging. This module is installed automatically if any other module is installed.

1
Product overview

McAfee Endpoint Security includes automated installation and setup processes for multiple
management environments.
Automated installation and deployment

Select the level of automation or customization that best suits your needs.
Automated wizards Install and deploy the product with preconfigured, default settings and
minimal interaction during installation.
Customized options Use the Endpoint Security Package Designer to create custom product
packages that include preconfigured policy settings. Specify installation features, such as installing
silently.
Single or multiple targets Install on local systems or deploy remotely to all managed systems.
Side-by-side management and upgrades

Install, manage, and upgrade multiple product versions and operating system platforms using a single
management platform.
Inline installation Install and manage new products side by side with previous versions.
Management of multiple client versions and platforms Use McAfee ePO and McAfee ePO
Cloud with the McAfee Agent to manage 10.010.5 versions of the Endpoint Security Client on
Windows systems and compatible client software on Mac and Linux systems.
Migration of custom settings Migrate your settings from legacy products for use with
Endpoint Security.
On self-managed systems The installation wizard preserves your settings during the
upgrade process, by default. You can specify the products to upgrade.
On McAfee ePO-managed systems The Endpoint Migration Assistant provides two

migration paths. You can migrate all your settings automatically, or select settings to migrate
manually, then configure some of them before migration if needed.
New features
The current release of the product includes these new features.
See the McAfee Endpoint Security Release Notes for a complete listing of new product features and
enhancements in this release.

1
Product overview

Endpoint Security detects, resolves, and logs information about detected threats. Client software is
installed on each managed system to perform these tasks.
For self-managed systems A local system user installs the client software, customizes the
features, and manages detections.
For managed systems Typically, an administrator installs the client software, manages
detections, and sets up security rules, called policies, that determine how product features work.
Depending on the policies configured by the administrator, users might be able to customize some
product features.
The role of the client software

The client software protects systems with regular upgrades, continuous monitoring, and detailed
reporting.
1 It silently monitors all file input and output, downloads, program executions, inbound and outbound
communications, visits to websites, and other systemrelated activities on managed systems, then:
Deletes or quarantines detected viruses.
Removes potentially unwanted programs, such as spyware or adware.
Blocks or warns of suspicious activity, depending on product settings.
Indicates unsafe websites with a colorcoded button or icon in the browser window or search
results page. These indicators provide access to safety reports that detail site-specific threats.
Blocks or warns of unsafe websites, depending on product settings.

1
Product overview
2 It regularly connects to a local or remote McAfee ePO server or directly to a site on the Internet to
check for:
Updates to content files, which contain information that Endpoint Security uses to detect
threats. These files are updated as new threats are discovered to ensure that systems are
always protected against the latest threats.
Upgrades to software components.
If new versions are available, the client software downloads them.
3 It logs security information for each managed system, including protection status and details about
detections. Users can view this information in the client console on self-managed systems and on
managed systems where policy settings are configured to allow it.
4 (Managed systems only) It regularly communicates with a security management server to:
Send logged security information.
Receive new policy assignments.
The role of the security management platform

Administrators can use a network security management platform to manage security for all network
systems from a centralized console.
If you're an administrator using a supported security management platform, you can perform these
network security tasks:
Deploy product software to managed systems.
Manage and enforce network security using policy assignments and automated tasks.
Manage protection for systems running on multiple operating system platforms.
Update the product components and required security content to ensure that managed systems are
secure.
Create reports that display informative, user-configured charts and tables containing your network
security data.
Management strategies vary according to the number and location of managed systems and the way
they are used.
Enterprise networks for industry and government typically employ a team of IT administrators to
monitor and regulate security full time.
Smaller businesses might ask an employee to dedicate an hour or two a week to monitoring
security, subscribe to management software hosted on a server "in the cloud," or let individual
users manage security on their own systems.
Endpoint Security adapts to any of these environments.

1
Product overview

Endpoint Security adapts to various users and settings by supporting multiple security management
options. Select the right type of management for your needs based on your network's resources, the
number and location of the managed systems, and the way systems are used.
Self-managed systems
On systems not managed with a security management platform, Endpoint Security:
Supports desktops and laptops.
Requires no management server or server-side components.
Is installed on the local system by local users.
Is configured and managed from the client console on the local system.
Managed systems
McAfee ePO and McAfee ePO Cloud enable access to additional management features, which include a
management server and administrative console.
Features Managed with McAfee Managed with

ePO McAfee ePO Cloud
System support
Supported devices Servers, desktops, laptops, Servers, desktops, and
and tablets laptops
Located on premise with the management Yes (also manages remote No
server devices)
Installation
Administrators install server-side components Yes No
Administrators can install client software Yes Yes
remotely to multiple systems
Users can install client software on local Yes Yes
systems with a URL
Management
Administrator uses web-based console Yes Yes
Users use local client console (Optional) Yes Yes
Self-management
Install and manage the product directly on a local system that is not connected to a network or
managed from a centralized security management platform.
In this case, users run the installation wizard directly on the local system. After installation is
complete, they can manage the security settings and product features directly from the client console.
For example, they can schedule scans, view reports, and check for updates as needed.
Management with McAfee ePO

Use McAfee ePO to deploy and manage the product on systems located at sites with local McAfee ePO
servers and at remote sites managed by those servers. In this case, one or more administrators
typically manage the server and the network systems where the product is installed.
McAfee ePO was designed for large enterprise networks, and includes new features to facilitate ease of
use and to enhance extensibility for many network configurations.

1
Product overview
Managed systems follow the classic client-server model, in which they call into the management
(McAfee ePO) server for instructions. (To facilitate this call, a McAfee Agent is deployed to each system
in the network. Once an agent is deployed to a system, the system can be managed by McAfee ePO,
and client software for managed products can communicate with the server.)
The following figure shows how Endpoint Security integrates into a secure McAfee ePO environment.
1 The administrator sets up the McAfee ePO server-side components, then deploys the McAfee Agent
to managed systems.
The McAfee ePO database stores all data about the managed systems on the network, including:
System properties
Policy information
Directory structure
Threat events (information about detections)
All other relevant data that the server needs to keep managed systems up to date
The McAfee Agent deployed to each system facilitates:

Policy enforcement
Product deployments and updates
Reporting on managed systems
2 The administrator deploys client software to managed systems.

Endpoint Security Client is the client software for Windows systems. McAfee ePO extensions for
Endpoint Security can also manage supported client software installed on Mac and Linux systems.

1
Product overview
3 The McAfee ePO server connects to the McAfee update server to pull down the latest security
content.
The McAfee ePO update server hosts the latest security content, so the McAfee ePO software can
pull the content at scheduled intervals.
4 Agent-server secure communication (ASSC) occurs at regular intervals between the systems and
the McAfee ePO server. Then:
McAfee ePO sends any available new policy assignments or product updates for the client
software to the managed systems. This communication occurs shortly after the client software is
installed and at regular intervals thereafter.
The client software sends the security information it has logged to the server.
5 The administrator logs on to the McAfee ePO console to perform security management tasks, such
as running queries to report on security status or working with managed software security policies.
Management with McAfee ePO Cloud

Use McAfee ePO Cloud to deploy and manage the product on systems located at sites that do not have
their own management server. In this case, McAfee hosts the server.
McAfee ePO Cloud was designed for small and medium networks that do not have a dedicated security
management team or infrastructure in place. McAfee sets up the McAfee ePO Cloud server and
database "in the cloud," creates an account, makes products available to install on managed systems,
and sends logon credentials to an account administrator.
Managed systems follow the classic client-server model, in which they call into the management
(McAfee ePO Cloud) server for instructions. (To facilitate this call, a McAfee Agent is deployed to each
system in the network. Once an agent is deployed to a system, the system can be managed by
McAfee ePO Cloud, and client software for managed products can communicate with McAfee ePO
Cloud.)
The following figure shows how Endpoint Security integrates into a secure McAfee ePO Cloud
environment.

1
Product overview
1 McAfee sets up the server-side components "in the cloud," including the McAfee ePO Cloud server
and database, then sends the URL and logon information to the administrator.
2 The McAfee ePO Cloud server connects to the McAfee update server to pull down the latest security
content.
The McAfee update server hosts the latest security content, so the McAfee ePO Cloud software can
pull the content at scheduled intervals.
3 The administrator uses a browser to log on to McAfee ePO Cloud, creates an installation URL, and
sends it to users along with instructions for installing the client software on their systems.
Endpoint Security Client is the client software for Windows systems. Endpoint Security server-side
components can also manage supported client software installed on Mac and Linux systems.
The URL installs the McAfee Agent (if it is not already installed) and Endpoint Security Client. The
system communicates back to McAfee ePO Cloud and is then managed and protected by McAfee
ePO Cloud.
4 Agent-server secure communication (ASSC) occurs at regular intervals between the systems and
the McAfee server. Then:
McAfee ePO Cloud sends any available new policy assignments or product updates for the client
software to the managed systems. This occurs shortly after the client software is installed and
at regular intervals thereafter.
The client software sends the security information it has logged to the server.
5 The administrator uses a browser to log on to McAfee ePO Cloud and perform security management
tasks, such as running queries to report on security status or configuring managed software
security policies.

This guide explains how to install or upgrade Endpoint Security on centrally managed and
self-managed Windows systems.
To install client software for Endpoint Security for Mac or Endpoint Security for Linux, see the product
documentation.
When you are ready to begin, follow this process.
1 Check the information in Chapter 2 to ensure that your systems and environment meet the
requirements to install and run the product.
Chapter 2 also describes requirements for migrating legacy products.
2 Follow the instructions in the chapter for your management environment.
To install on systems managed with... Go to...

McAfee ePO or McAfee ePO Cloud Chapter 3
Self-management (no security management platform) Chapter 4
3 See Chapter 5 for reference or troubleshooting information.
4 (Optional) For information about installing Endpoint Security Adaptive Threat Protection, see
Appendix A, Adaptive Threat Protection installation.

2 Pre-installation
Your managed systems must have specific hardware and software to run McAfee Endpoint Security.
Review these requirements and recommendations before installing your Endpoint Security software to
make sure that your installation is successful.
Contents
System requirements for Endpoint Security
Other virus-detection and firewall software
Preparing to install or upgrade
Preconfiguring the product
Upgrading an existing version of the product
Are you ready to install?

This release supports deploying Endpoint Security to Windows operating systems. You can manage
Windows, Mac, and Linux clients from McAfee ePO using Endpoint Security extensions.
System and hardware requirements

For a complete list of current system requirements:
Endpoint Security KB82761
Endpoint Security for Mac KB84934
Endpoint Security for Linux KB87073
Platforms no longer supported

Windows Vista SP2
Windows Server 2008
Windows 2008 R2 is supported.
Products no longer supported

McAfee Agent 5.0.1

2
Pre-installation
Supported and unsupported browsers

Product installation been verified to function correctly on these versions of popular browsers. URL
installation requires one of these browsers and an Internet connection.
Mozilla Firefox (versions 3.0 and later)
Google Chrome (versions 4.0 and later)
Microsoft Internet Explorer (versions 8, 9, 10, and 11)
Safari, versions (7.1.x, 8.0.x, and 9.0.x) Endpoint Security for Mac
The installation wizard works with the default security level for Internet Explorer. For other browsers,
select a security level that enables Javascript. See the web browser's documentation for instructions
on configuring the security level if you must change it.
Web Control
Web Control supports these browsers:
Microsoft Internet Explorer 11
Google Chrome current version
Chrome doesn't support the Show Balloon option.
Mozilla Firefox current version
Mozilla Firefox ESR (Extended Support Release) current version and previous version
As Google and Mozilla release new versions frequently, Web Control might not work with a new update.
A Web Control patch is released as soon as possible to support the changes from Google or Mozilla.
Web Control doesn't support Microsoft Edge.
For the latest information about browsers that Web Control supports, see KB82761.
On self-managed systems, all browsers supported and unsupported are allowed by default.
Supported security management platforms

If you plan to manage security for network systems, you must first set up a supported management
platform and place the network systems under its management.

2
Pre-installation
Management Requirements
platform
McAfee ePO An administrator has:
Installed McAfee ePO 5.1.1 or later. (McAfee ePO 5.3.1 or later is
recommended.)
Deployed McAfee Agent 5.0.2.333 or later to managed systems. (McAfee
Agent 5.0.4 is recommended.)
See the McAfee ePolicy Orchestrator Installation Guide for instructions.
McAfee ePO Cloud McAfee or another service provider has set up your account, installed
server-side components, and sent you logon credentials for McAfee ePO
Cloud.
An administrator has deployed McAfee Agent 5.0.2.333 or later to managed
systems. (McAfee Agent 5.0.4 is recommended.)
For the latest Endpoint Security management license and entitlement
information, see KB87057.
See the McAfee ePolicy Orchestrator Cloud Installation Guide for instructions.
None You have installed McAfee Agent 4.0 or later on your system.
(self-managed)
Endpoint Security requires McAfee Agent 5.0.2.333 or later (version 5.0.4 is
recommended). Endpoint Security automatically upgrades version 4.0 and later
of the agent to a supported version during product upgrades. You can also
upgrade the agent manually.
See also
Upgrade the McAfee Agent on McAfee ePO-managed systems on page 27
Upgrade the McAfee Agent on self-managed systems on page 38
System requirements for Adaptive Threat Protection on page 55

It is not necessary to uninstall existing virus-detection and firewall products on managed systems
before installing Endpoint Security. The installation wizard detects these products and resolves most
conflicts automatically.
If the Windows firewall is enabled The wizard disables the Windows firewall automatically to
prevent conflicts.
If incompatible virus detection or firewall software is installed The wizard attempts to

uninstall the software. If it can't, it prompts the user to cancel the installation, uninstall the
incompatible software manually from the Windows Control Panel, then resume the installation.
Installation resumes where it left off.
See KB85522 for a list of the software products uninstalled automatically. If you have incompatible
software that does not appear on this list, manually uninstall it before installing Endpoint Security.
Users might be prompted to reboot their systems after uninstalling firewall software.

2
Pre-installation
If McAfee Host Intrusion Prevention is installed The Endpoint Security Firewall replaces the
Host Intrusion Prevention Firewall, and you can also migrate your Host Intrusion Prevention
Firewall settings to the new Endpoint Security Firewall. Host Intrusion Prevention (without its
firewall module) can run side by side with the Endpoint Security Firewall.
You are not required to upgrade to Endpoint Security Firewall or migrate your settings. You can
continue to run the McAfee Host IPS Firewall after installing Endpoint Security Firewall. Whenever
McAfee Host IPS Firewall is installed and enabled, Endpoint Security Firewall is disabled even if
enabled in the policy settings.
If McAfee Deep Defender is installed You must remove this conflicting product manually or

with a client task before installing Endpoint Security.

Identify and resolve potential issues before installing or upgrading Endpoint Security.
Run McAfee GetClean Run the McAfee GetClean tool on the deployment base images for your
production systems to ensure that clean files are sent to McAfee Global Threat Intelligence

(McAfee GTI) to be categorized. This tool helps to ensure that McAfee GTI does not provide an
incorrect reputation value for your files. For more information, see the McAfee GetClean Product
Guide.
Review and revise settings for products you plan to upgrade Review policy settings, client
tasks, and assignments, consolidating them where possible. Remove duplicates and unused
objects.

You can customize settings for product features before deploying the product to managed systems.
Preconfiguration enables you to meet specific requirements, for example, in environments with
security compliance standards. Preconfigured policy settings take effect on installation.
Overview of preconfiguration process

Use one of these methods to install Endpoint Security with preconfigured policy settings.
For self-managed systems Export policy settings to a file, then import them during a
command-line installation.
1 Customize policies with the settings required for your system.
2 Export the settings using ESConfigTool with command-line options.
3 Import the settings using SetupEP with command-line options.
For McAfee ePO systems Create a custom product package with Endpoint Security Package
Designer, then deploy it using McAfee ePO or third-party software.
1 Customize policies with the settings required for your environment.
2 Create a custom product package that includes the preconfigured policies. The Endpoint
Security Package Designer steps you through this process.

2
Pre-installation
3 Check in components from the custom product package to a location accessible by your
deployment software. For McAfee ePO, this is the Master Repository.
4 Deploy the policy settings to managed systems. Use McAfee ePO or a third-party deployment
tool.
See the Endpoint Security Help for information about the features you can configure.
Best practices
McAfee preconfigures features with default settings that protect systems in medium-risk
environments. These settings ensure that systems can access important websites and applications
until there is time to customize the settings.
When customizing product features, make sure to configure:
Where and how managed systems get updates.
How often and what time of day managed systems check for updates.
Access to required websites and applications without interruption.
Create custom packages with Endpoint Security Package

Designer
The Endpoint Security Package Designer steps you through the process of creating a product
package .zip file that contains preconfigured custom policies.
Before you begin

You have installed Endpoint Security on managed systems. Package Designer checks to
verify that it is installed.
You have a source package to customize, if needed, as part of this process.
You have downloaded and installed Package Designer.
Endpoint Security Package Designer is a standalone tool (not included with Endpoint Security) that you
can download. Use this tool to create a custom package using existing Endpoint Security settings or
customized settings on a client system. You can then deploy the custom package files in one of
these ways:
As a standalone installer
Using McAfee ePO
Using a third-party network deployment tool
For information about installing and using Package Designer, see KB86438.
Task
For details about product features, usage, and best practices, click ? or Help.
1 Open the Package Designer wizard.
2 On the Select Folders screen, select the source package file and destination folder for the custom
package.
a Browse to the package you want to create.
b Browse to the folder where you want to create the package.

2
Pre-installation
c (Optional) Specify a custom name for the package. The .zip file extension is appended to the file
name automatically.
d Click Next.
3 On the Modify Package screen, click Edit Settings and make changes to the settings if needed, then click
Next.
4 On the Create Package screen, review and verify your selections and the content of the custom
package, then click Create.
A progress bar displays the status of your request.
5 On the Package Completed screen, select an option:

Open Package Location Navigates to the folder where the package was created. From there, you
can check in the package to the Master Repository in McAfee ePO for deployment or deploy it by
using third-party software.
Best practice: Test custom packages before deploying them to your McAfee ePO environment.
Finish Exits the wizard.
Install custom packages with McAfee ePO

Use McAfee ePO to install a custom package that you created with the Endpoint Security Package
Designer.
Before you begin

You have created a package with custom policies and copied it to a location that is
accessible from your McAfee ePO server.
You can also use a third-party network deployment tool to deploy custom package files. See its
product documentation for more information.
If you migrate settings from legacy products to Endpoint Security, policies included in a custom package
take precedence over legacy policies. In these cases, the custom policy settings are applied instead of
the legacy settings.
Task
1 Navigate to the folder where you created the custom package, then extract the files.
From the Package Designer, click Open Package Location in the Package Completed screen, or navigate to
the location manually.
2 In McAfee ePO, go to the Master Repository, then click Check In Package.
3 On the Package tab of the Check In Package screen, select the package to check in.
a For Package type, select Product or Update (.ZIP).
b For File path, click Choose File, navigate to the custom package, then click Open.
c Click Next.
4 On the Package Options tab, verify the package information and select the branch where you want to
install the package, then click Save.

2
Pre-installation
5 Repeat steps 24 for each .zip file you extracted from the custom package.
6 To install the files you have checked in on managed systems, create a client deployment task.
Create a custom policy to import

Use ESConfigTool to create preconfigured policy settings that you can import during product
installation. You can then use SetupEP to install Endpoint Security with settings in place rather than
waiting for the first policy enforcement.
Before you begin

Endpoint Security is deployed to at least one managed system.
This utility exports all policy settings for your selected product modules to a location that you specify.
For example, preconfigure port exclusions to ensure that vital communications are not blocked when
Firewall is installed, or preconfigure settings required for compliance with security regulations.
ESConfigTool is located in the Endpoint Security Platform folder (C:\Program Files\McAfee\Endpoint

Security\Endpoint Security Platform, by default).
Task
For option definitions, run ESConfigTool with no options: ESConfigTool.exe
1 Create a policy and configure the required settings, then save it.
2 Using the ESConfigTool command line, export the policy to create <file_name>.
ESConfigTool.exe /export <file_name> [/module <TP|FW|WC|ESP> ]
Save this file to a folder that is not protected by McAfee. The folder containing ESConfigTool is
protected, so the export location should be a different, writable location.
Example:
ESConfigTool.exe /export C:\ENS\firewall.policy /module FW
This example exports the Firewall policy settings to C:\ENS\firewall.policy.
3 Using the SetupEP utility, install Endpoint Security and import <file_name>.
<file_name> is the exported policy settings file created in the previous step.
setupEP.exe <options> /import <file_name> /module <FW|TP|WC|ESP>
Example:
setupEP.exe ADDLOCAL="fw,tp,wc" /import C:\ENS\firewall.policy /module FW

This example installs the McAfee Endpoint Security Firewall, McAfee Endpoint Security Threat

Prevention, and McAfee Endpoint Security Web Control product modules (and Endpoint Security

Platform, also called the McAfee Endpoint Security Common module, which installs automatically).
It also imports policy settings from the firewall.policy file and applies them to the Firewall module.
See also
SetupEP command-line options (self-managed) on page 47
ESConfigTool command-line options on page 50

2
Pre-installation

If a previous supported version of one or more product modules is installed currently in your
environment, you can upgrade to Endpoint Security. If you are upgrading legacy products, such as
VirusScan Enterprise, you can also migrate your custom settings.
Upgrading Endpoint Security

Use the installation wizard to install the new Endpoint Security product modules side by side with your
existing products. You can continue to use both product versions until you are ready to remove the
older ones.
You can use the McAfee Agent to manage versions 10.010.5 of Endpoint Security.
You can continue to run Endpoint Security Threat Intelligence 10.2 after upgrading to Threat
Prevention 10.5.
Upgrading to Adaptive Threat Protection

To upgrade Endpoint Security Threat Intelligence version 10.2 to Adaptive Threat Protection version
10.5, you must manually upgrade after installing Endpoint Security version 10.5.
Adaptive Threat Protection requires version 10.5 of both Threat Prevention and Endpoint Security
Platform.
Updating to Adaptive Threat Protection is not a requirement. You can continue to run Endpoint
Security Threat Intelligence version 10.2 after upgrading to Threat Prevention version 10.5.
Best practice: To use all the newest features, install the 10.5 version of Adaptive Threat Protection
with the 10.5 version of Endpoint Security.
Migrating or preserving legacy product settings

When you upgrade these legacy products, you can migrate (or preserve) some of your custom product
settings:
Product versions that migrate Settings that migrate

(all patch levels)
McAfee VirusScan Enterprise 8.8 Policies You can migrate workstation policies, server policies,
or both if you have both defined.
Client tasks
McAfee Host Intrusion Prevention Host IPS Catalog Renamed Firewall Catalog in Endpoint
Firewall 8.0 Security.
Firewall and General policies
McAfee Host Intrusion Prevention IPS Rules policy:

8.0
Excluded Application Protection Rules
IPS Exceptions
Custom signatures
McAfee-defined signatures supported by the Exploit
Prevention policy
IPS Protection policy

2
Pre-installation
Product versions that migrate Settings that migrate

(all patch levels)
McAfee SiteAdvisor Enterprise 3.5 Policies
Client tasks
McAfee Endpoint Protection for Anti-malware policy:

Mac 2.3
On-access Scan
McAfee VirusScan for Mac 9.8
Exclusions: On-access Scan
McAfee VirusScan Enterprise for On-Access Scanning policy

Linux 2.0.2
On-Demand Scanning client tasks
Best practice: Before migrating, review your legacy settings to make sure that they are up to date,
then consolidate, remove duplicates, and remove unused settings, policies, and client tasks.
On self-managed systems The installation wizard allows you to preserve your legacy settings
when you upgrade to Endpoint Security.
In McAfee ePO environments Use the Endpoint Migration Assistant to create Endpoint
Security policies based on your current legacy product settings. You can let the Migration Assistant
migrate all your settings automatically, or you can select which policies to migrate, then configure
new settings manually. The Migration Assistant also migrates client tasks and other settings. For
more information, see the McAfee Endpoint Security Migration Guide and Help.

When your environment meets the requirements specified in this chapter, you are ready to begin
installation.
These components... Meet these requirements

All systems where you Hardware components meet or exceed minimum requirements.
want to install the product
Supported operating system is installed.
Supported web browser is installed.
Managed systems only Required agent is installed and communicating with the management
server.
(Upgrade) Supported version of software is installed.
Management server Supported management platform is installed.

(Optional) You have preconfigured policy settings for product features
as needed.
(Upgrade) Supported version of extension is installed.
(Optional) Your environment meets the requirements for Adaptive
Threat Protection, and you are prepared to install and configure its
components.

2
Pre-installation
If you plan to:
Migrate your custom settings for legacy products in McAfee ePO environments Check
requirements in the McAfee Endpoint Security Migration Guide.
Install Adaptive Threat Protection See Appendix A, Adaptive Threat Protection installation,
for information about installing and setting up the components. Adaptive Threat Protection is an
optional Endpoint Security module.
Install compatible client software on Mac and Linux systems See the product
documentation for Endpoint Security for Mac and Endpoint Security for Linux.

3 Installation for systems managed with
McAfee ePO and McAfee ePO Cloud
Use this information to install the product on Windows systems managed with McAfee ePO and McAfee
ePO Cloud.
Contents
Installation overview
Upgrade the McAfee Agent on McAfee ePO-managed systems
Install the product files on the management server
Download Endpoint Security content files
Deploy to multiple systems with deployment tasks
Install on local systems with an installation URL
Verify the installation
Uninstall from systems managed with McAfee ePO or McAfee ePO Cloud
In McAfee ePO and McAfee ePO Cloud environments, administrators can deploy the product software
remotely to managed systems or ask users to install it locally. For McAfee ePO, they must also install
product software on the management server.
Management environment characteristics

The primary differences in managing the two environments are:
McAfee ePO Administrators install product components on the management server, then they
typically configure feature settings and deploy the client software to multiple managed systems
using deployment tasks.
McAfee ePO Cloud McAfee or another service provider sets up each McAfee ePO Cloud account
on an offsite management server and notifies the local administrator when products are ready to
install on managed systems. Local administrators then typically create and send an installation URL
to users for installation on local systems.
In McAfee ePO Cloud environments, you must have administrative logon credentials for a McAfee
ePO Cloud account before installing the product. McAfee or your service provider sends these to you
in an email. If you have not previously activated and configured an account, see the McAfee ePO
Cloud product guide for instructions.
For the latest Endpoint Security management license and entitlement information, see KB87057.

3
Installation for systems managed with McAfee ePO and McAfee ePO Cloud
Endpoint Security supports both URL installation and deployment tasks in either environment. As an
administrator, you can choose the method that best suits your needs.
If you are installing Adaptive Threat Protection, see Appendix A, Adaptive Threat Protection installation,
for additional steps. Adaptive Threat Protection is an optional Endpoint Security module.
Installation and upgrade process
Task Description McAfee Notes

ePO or
McAfee
ePO Cloud
1 Ensure that all managed systems meet the Both
requirements described in Chapter 2, Pre-installation.
2 Upgrade McAfee Agent, if needed. McAfee ePO Endpoint Security
requires McAfee Agent
5.0.2.333 or later
(version 5.0.4 is
recommended). If
running an earlier
version, upgrade the
agent manually.
3 Prepare policies as needed. McAfee ePO Only for migration or

preconfigured settings
If you are migrating legacy policies Review
and revise your settings to eliminate unused,
outdated, and duplicate settings.
If you are preconfiguring policies Create a
custom package.
4 Open the management console. (Open your web Both

browser and log on to your account.)
5 Install the product files on the McAfee ePO server. McAfee ePO
6 Manually update your McAfee ePO server with the McAfee ePO
latest content files required for Endpoint Security:
AMCore, Exploit Prevention, and (if applicable)
Adaptive Threat Protection content files.
7 Migrate policies, client tasks, and other settings from McAfee ePO Only for migration
supported legacy products. See the McAfee
Endpoint Security
Migration Guide for
more information.
8 Configure policies as needed. Both Optional

3
Task Description McAfee Notes

ePO or
McAfee
ePO Cloud
9 Deploy the client software with default or custom Both
settings to managed systems in one of these ways:
Remotely to multiple managed systems with
deployment tasks Preferred for McAfee ePO.
Locally on managed systems with an
installation URL Preferred for McAfee ePO
Cloud.
Best practice: Restart the managed system after

installing this release of the product.
10 Verify that the client software is installed and up to Both

date on all managed systems.
See also
Create custom packages with Endpoint Security Package Designer on page 19
Preconfiguring the product on page 18

Endpoint Security requires McAfee Agent 5.0.2.333 or later (version 5.0.4 is recommended). On
managed systems running an earlier version, you need to upgrade the McAfee Agent manually before
deployment.
For McAfee ePO Cloud, no action is required to upgrade McAfee Agent. The new agent is installed
automatically on managed systems from the McAfee ePO Cloud installation URL sent to users.
On Windows systems, communication is blocked between McAfee ePO and the agent when running
McAfee Host IPS 8.0 (Patch 4 or earlier) and McAfee Agent version 5.0 (or later). See KB82869 for
instructions to resolve this issue.
Task
1 Download and deploy the package.
2 Log on to McAfee ePO as administrator.
3 Select Menu | Extensions, click Install Extension, and select the EPOAGENTMETA.zip file.
4 Select Menu | Master Repository, click Check In Package, and select the MA-WIN 5.0.2 .zip file or the latest
recommended version (5.0.4).
5 Deploy the new McAfee Agent using one of these methods:

Create a deployment task to push the new package to the client systems: Select New | Product
Deployment, then click New Deployment.
Create and distribute a new deployment URL.

3
When you check in the new McAfee Agent, which overwrites the previous version, any
deployment URL created with the previous version no longer works. You must create and
distribute a new URL with the new McAfee Agent.
1 Select Menu | System Tree, then select the subgroup that contains the systems to deploy to.
2 On the Agent Deployment tab, click Create Agent Deployment URL.
3 Enter the URL name, verify the agent version, then click OK.
4 Distribute the URL for new deployments.
For more information about deployment, see the McAfee ePO Help.

In McAfee ePO environments only, install server-side components for Endpoint Security on the McAfee
ePO server as the first step in the installation process.
Before you begin

Your network security management platform must meet the requirements described in
Chapter 2, Pre-installation.
This task installs two types of product components on the management server:
Product management extensions Add Endpoint Security management features (such as queries,
client tasks, and online Help) to the McAfee ePO server that enable you to manage the product
from the console.
Product deployment packages Add product software files to the Master Repository. You can then
deploy them to managed systems.
Task
1 On the security management console, select Menu | Dashboards, then select Guided Configuration from
the drop-down list.
2 On the Guided Configuration screen, click Begin.
3 Click Software Selection, then:

a Under the Software Not Checked In product category, click Licensed to display available products.
b In the Software table, select the product you want to check in. The product description and all
available components are displayed in the table below.
c Click Check In All to check in product extensions to your McAfee ePO server, and product packages
to your Master Repository.
When installation is complete, the extensions are listed on the Extensions page and the packages
are listed in the Master Repository.
You can now deploy the product to managed systems.

3

You must manually update your McAfee ePO server with the latest AMCore and Exploit Prevention
content files required for Endpoint Security.
Before you begin

The Endpoint Security packages are checked in to the Master Repository on your McAfee
ePO server.
Task
1 In McAfee ePO, select Menu | Automation | Server Tasks to open the Server Task Catalog.
2 Edit the Update Master Repository server task.
3 Click the Actions tab.
4 For the Repository Pull action, ensure that the following are set:
Source site: McAfeeHttp
Package types: All packages
5 Click Save to save the task.
6 For the Update Master Repository server task, click Run.
The Master Repository now includes the AMCore Content Package and the Endpoint Security Exploit Prevention
Content package required by Endpoint Security. See the Endpoint Security Common Help for more
information about content files.

Automated tasks simplify the processes for deploying the client software to managed systems. This
method deploys remotely from the security management console and does not require any user
assistance.
Before you begin

The systems where you want to install the product must meet the requirements
described in Chapter 2, Pre-installation.
In a McAfee ePO environment, you must have installed the product's server-side
components on the McAfee ePO server.
In a McAfee ePO Cloud environment, you must have administrative logon credentials for
a McAfee ePO Cloud account. McAfee or your service provider sends these in an email.

3
Task
You can use two types of automated tasks to deploy product software to multiple managed systems:
product deployment tasks and client tasks. Product deployment tasks are simpler to set up, and this
guide explains the process. See the McAfee ePO or McAfee ePO Cloud product guide for more
information about configuring and running product deployment tasks and client tasks.
1 On the security management console, select Menu | Software | Product Deployment.
2 On the Product Deployment page, click New Deployment.
3 On the New Deployment page, configure these settings, then click Save at the top of the page.
Option Description
Name and Type a name and description for this deployment.
Description
This name appears on the Deployment page after the deployment is saved.
Type From the list, select the type of deployment.

Fixed Deploys only to the selected systems.
Continuous Deploys to systems based on System Tree groups or tags. This
option allows these systems to change over time as they are added or removed
from the groups or tags.
If you want to automatically install product updates when they are available,
select Auto Update. This option deploys the hotfixes and patches for your product
automatically.
Package From the list, select McAfee Endpoint Security.

Language and If needed, select the Language and Branch, if not using the defaults.
Branch
Command line In the text field, specify a command line with installation options for the module
you are installing. These options are supported:
/INSTALLDIR="install_path" /nocontentupdate
/l"install_log_path" /override"hips"
/l*v"install_log_path"
Select the Click Select Systems to open the System Selection dialog box and select the systems
systems where you want to deploy the client software.
If needed, configure the following:
Run at every policy enforcement (Windows only)
Allow end users to postpone this deployment (Windows only)
Maximum number of postponements allowed
Option to postpone expires after
Display this text
Select a start time Select a start time or schedule for your deployment:
Run Immediately Starts the deployment task the next time the systems check for
updates from the management server.
Once Opens the scheduler so you can configure the start date, time, and
randomization.

3
The Product Deployment page opens with your new project added to the list of deployments. Also, a
client task is automatically created with the deployment settings.
4 Check the status of the deployment on the Product Deployment page.

Click the deployment task in the list on the left side of the page to display its details on the right
side of the page.
See also
SetupEP command-line options (McAfee ePO and McAfee ePO Cloud deployment tasks) on
page 46

Typically, McAfee ePO Cloud administrators create an installation URL that can be used to install
Endpoint Security Client on managed systems.
They can:
Use this URL to install the client software locally on their own system.
Send this URL to users with instructions for installing the client software on their local systems.
McAfee ePO also supports URL installation.
Tasks
Install the product with default settings on page 31
Create a default installation URL and use it to install the client software on systems in the
default group.
Install the product with custom settings on page 32
Create a custom installation URL and use it to install the client software on your own local
system or send it to end users to install the client software on their systems.
Install with an installation URL on page 33
Install the product on a local system with an installation URL.
Install the product with default settings

Create a default installation URL and use it to install the client software on systems in the default
group.
Before you begin

In a McAfee ePO environment, the product extensions must be installed on the McAfee
ePO server, and the product content must be available in the Master Repository.
a McAfee ePO Cloud account. McAfee or your service provider sends these to you in an
email.
Task
1 Open your browser and log on to McAfee ePO.
2 Select Menu | Dashboards, then select Getting Started with ePolicy Orchestrator from the drop-down list.
The product modules installed on managed systems are listed under My Products. The default
installation URL appears underneath.

3
3 Install the product locally or send the URL to users to install on their systems.
On this Perform these steps...

platform...
McAfee ePO 1 Click the URL displayed on the page.
A file containing all the product client packages downloads to your system.
2 Click Install if a web-based installation wizard doesn't open automatically.
McAfee ePO 1 Select an option.

Cloud
Install Protection on This Computer Downloads a file containing all the product
client packages downloads to the local system and installs them. Click Install
if a web-based installation wizard doesn't open automatically.
Install Protection to Other Computers Displays the installation URL.
2 Send the URL to users.
a Copy this URL to a text file, then click OK to close the dialog box.
b Send the URL in an email message with any special instructions for installing
on local systems.
Install the product with custom settings

Create a custom installation URL and use it to install the client software on your own local system or
send it to end users to install the client software on their systems.
Before you begin

In a McAfee ePO environment, the product extensions must be installed on the McAfee
ePO server, and the product content must be available in the Master Repository.
a McAfee ePO Cloud account. McAfee or your service provider sends these to you in an
email.
Task
1 Open your browser and log on to McAfee ePO.
2 Select Menu | Dashboards, then select Getting Started with ePolicy Orchestrator from the drop-down list.
The product modules installed on managed systems are listed under My Products.
3 Create a custom installation URL.

3
On this Perform these steps...

platform...
McAfee ePO 1 Click Customize Installation.
The Customize Software Installation page opens.
2 Configure these settings, then click Done:
Group Name Select the default group name or enter a custom group name.
Operating System Select McAfee Agent for Windows.
Software and Policies Select McAfee Endpoint Security product modules to install
and, if needed, click McAfee Default Policies and Tasks to select an alternative
preconfigured policy.
Software is automatically updated to the latest version Specify whether to download the
latest version of the software automatically whenever an update occurs.
A page displays installation options.
McAfee ePO 1 Click Customize Installation.

Cloud
2 Configure these settings, then click Done:
Group Name Select the default group name or enter a custom group name.
Operating System Select McAfee Agent for Windows.
Software and Policies Select McAfee Endpoint Security product modules to install
and, if needed, click McAfee Default Policies and Tasks to select an alternative
preconfigured policy.
Software is automatically updated to the latest version Specify whether to download the
latest version of the software automatically whenever an update occurs.
A page displays installation options.
4 Select an installation option.

Install Protection on This Computer Downloads a file containing all the product client packages
downloads to the local system and installs them. Click Install if a web-based installation wizard
doesn't open automatically.
Install Protection to Other Computers Displays the installation URL.
5 Send the URL to users.

a Copy this URL to a text file, then click OK to close the dialog box.
b Send the URL in an email message with any special instructions for installing on local systems.
Install with an installation URL

Install the product on a local system with an installation URL.
Before you begin

The system where you install the product must meet the requirements described in
You must have an installation URL that you created or received from your administrator.

3
Task
1 Open a web browser window and paste in the installation URL.
2 Follow the instructions on the screen to install. If the installation does not start automatically, click
Install.
Click Run if prompted to run or save.
Click Run if prompted to verify the installation.
A dialog box displays the progress of the installation and indicates when it is complete. If needed, you
can click Cancel to stop the installation.
The installation log, McAfeeSmartInstall_<date>_<time>.log, is saved in <LocalTempDir>
\McAfeeLogs (for example, C:\Windows\Temp\McAfeeLogs).

After deployment, verify that the client software installed and updated correctly on managed systems.
After a URL installation, verify that the list of systems matches the list of users you sent the
installation URL to.
Task
1 Wait for client systems to report back to the security management platform (typically after an hour
or two).
2 On the security management console, select Menu | Dashboards, then select Endpoint Security: Installation
Status for a complete listing of the managed systems where the software was installed and their
status.
Uninstall from systems managed with McAfee ePO or McAfee

ePO Cloud
You can remove product modules from managed systems remotely from the management console or
locally at the managed system. You might do this for testing or before reinstalling the client software.
Best practice: Reinstall the client software as soon as possible. When it is uninstalled, the system is
not protected against threats.
Task
Remove the client software using one of these methods.

3
To uninstall... Do this...
From multiple Run a product deployment task:
systems
remotely 1 On the security management console, select Menu | Policy | Product Deployment.
2 Duplicate the task you used to install the product modules, then specify Remove
as the Action.
3 After the task has completed, verify that the client software was uninstalled
from the selected systems. Click Dashboards, then select Endpoint Security: Installation
Status.
See the McAfee ePO or McAfee ePO Cloud product guide for more information
about using product deployment tasks.
At the local Uninstall from the Windows Control Panel:

managed
system 1 Open the Windows Control Panel, then go to the Uninstall Programs screen.
2 In the list of programs, select each product module, then click Uninstall.
McAfee Endpoint Security Adaptive Threat Protection If Adaptive Threat Protection is
installed, you must uninstall it before uninstalling Threat Prevention.
McAfee Endpoint Security Firewall 10.5
McAfee Endpoint Security Threat Prevention 10.5
McAfee Endpoint Security Web Control 10.5
McAfee Endpoint Security Platform 10.5
Endpoint Security Platform (Common module) is uninstalled automatically with
the last product module.
3 If prompted, enter a password for each module.
By default, no password is required.

3

4 Installation for self-managed systems
Use this information to install the product on systems that are not managed by a centralized network
management tool.
Contents
Installation overview for self-managed systems
Upgrade the McAfee Agent on self-managed systems
Install with the installation wizard
Install from the command line
Uninstall from a self-managed system
Installation overview for self-managed systems

Local system users perform these high-level tasks to install or upgrade the product on self-managed
systems.
1 Make sure that the system meets the requirements described in Chapter 2, Pre-installation.
2 (Optional) If you are upgrading legacy products and plan to preserve your settings, review and
revise them as needed.
3 Upgrade the McAfee Agent, if needed.
Endpoint Security requires McAfee Agent 5.0.2.333 or later (version 5.0.4 is recommended).
Endpoint Security automatically upgrades version 4.0 and later of the agent to a supported version
during product upgrades. You can also upgrade the agent manually.
4 Copy the product files to the self-managed system.

Depending on how you purchased the product, you might need to download product files from a
download site or copy them from a disc.
5 Launch the installation wizard to install or upgrade the product.
6 Verify that the client software is installed and up to date.
7 (Optional) If you upgraded from legacy products and preserved your settings, verify that the
settings were preserved.
Best practice: Restart the system after installing this release of the product.
See also
Upgrading an existing version of the product on page 22

4
Installation for self-managed systems

Endpoint Security requires McAfee Agent 5.0.2.333 or later (version 5.0.4 is recommended). Endpoint
Security automatically upgrades version 4.0 and later of the agent to a supported version during
product upgrades. You can also upgrade the agent manually.
Task
1 Download the McAfee Agent client package from the download site.
2 Unzip the McAfee Agent package and locate the FramePkg_Upd.exe file.
3 Right-click FramePkg_UPD.exe, then select Run as administrator.
Install with the installation wizard

The installation wizard automates much of the process for installing and upgrading the product on
self-managed systems.
Before you begin

The systems where you install the product must meet the requirements described in
Task
1 Obtain your copy of the product software, then launch the installation wizard on the self-managed
system.
For this product Perform these steps...

format...
Download Download the Endpoint Security .zip file, unzip the contents of the file, then
double-click setupEP.exe.
If you purchase the product online, McAfee or another provider sends

instructions and a URL for downloading the product.
CD or DVD Insert the disc into a drive, open the contents, then double-click
setupEP.exe.
If there is a product license number on the disc label or packaging, make

sure that you have a copy for reference.
2 On the License Agreement page, click Accept.
3 Resolve any conflicts detected by the wizard.

The wizard attempts to uninstall conflicting virus-detection and firewall software products
automatically. If it can't, it prompts you to uninstall them manually, then prompts you to reboot.
If you reboot immediately, installation resumes after the system restarts.
If you reboot later, run the installation wizard again at your earliest convenience.
See KB85522 for a list of the software products uninstalled automatically.

4
4 On the Install Options page, select the modules to install.

Install all product modules that you purchased with their default settings, or select options to
customize your installation.
5 If you are upgrading VirusScan Enterprise 8.8, Host Intrusion Protection 8.0, or SiteAdvisor
Enterprise 3.5, select whether to preserve your settings.
6 Click Install.
A dialog box shows the progress of the installation and notifies you when it is complete. You can
cancel the installation at any time, if needed.
7 Click Finish to close the wizard.
See also
Other virus-detection and firewall software on page 17

You can run the installation wizard from the command line, which lets you select additional options,
such as silent installation. (By default, installation is interactive.)
Before you begin

The system where you install the product must meet the requirements described in
For silent installation, the wizard displays no feedback. All information is available in logs.
For interactive command-line installation, the wizard displays a progress window and allows you to
cancel the installation, if needed. All information is available in logs.
Task
1 Copy the product files to the self-managed system.
Depending on how you purchased the product, you might need to download product files from a
download site or copy them from a disc.
2 Open a Command Prompt window, navigate to the folder where you copied the files, then type this
command and any applicable parameters, which are not case-sensitive:
setupEP.exe /parameters
Type setupEP.exe /help for a complete list of command-line options for the SetupEP utility.
Best practice: Restart the system after installing this release of the product.
See also

After installation is complete, verify that the modules installed successfully and the system is up to
date. If you migrated settings from legacy products, verify that your settings migrated correctly.

4
Task
1 Open the Windows Control Panel and verify that the name of each module you selected to install
appears and that version 10.5 is installed.
McAfee Endpoint Security Firewall
McAfee Endpoint Security Threat Prevention
McAfee Endpoint Security Web Control
McAfee Endpoint Security Platform
2 Open the installation log file and make sure that no errors or failure messages appear.
By default, the installation wizard installs the installation log files in the user Temp folder as %Temp%
\McAfeeLogs (for example, C:\Users\username\AppData\Local\Temp\McAfeeLogs).
3 Open the Endpoint Security Client, then click Update Now to ensure that the system is up to date.
If your system is up to date, the page displays No Updates Available and the date and time of the last
update.
4 (Upgrade only) If you upgraded legacy products with preserved settings, check the client Settings
page for each product module to verify that legacy settings were migrated.

You can remove product modules on a self-managed system from the Windows Control Panel. You
might do this for testing or before reinstalling the client software.
You can also uninstall the product modules from a command line.
Best practice: Reinstall the client software as soon as possible. When it is uninstalled, the system is
not protected against threats.
Task
1 Open the Windows Control Panel, then go to the Uninstall Programs screen.
2 In the list of programs, select each product module, then click Uninstall.
McAfee Endpoint Security Adaptive Threat Protection If Adaptive Threat Protection is installed, you must
uninstall it before uninstalling Threat Prevention.
McAfee Endpoint Security Firewall
McAfee Endpoint Security Web Control
Endpoint Security Platform (Common module) is uninstalled automatically with the last product
module.
3 If prompted, enter a password for each module.


4
4 Wait for the wizard to report that it has uninstalled the support components. If you do not see a
notification, check the Event Log to verify that the Endpoint Security Platform was removed
successfully.
5 If no other protection services are installed, select McAfee Agent in the Uninstall Programs screen of the
Windows Control Panel, then click Uninstall.
See also

4

5 Troubleshooting and reference
Use this information for basic product maintenance, troubleshooting, and reference.
Contents
Troubleshooting installation problems
Resolving error codes and messages
Using command-line options
Log files
Troubleshooting installation problems

Follow troubleshooting procedures to resolve problems related to installing and uninstalling the
product, and capture the required system information.
Test malware detection

Test the virusdetection feature of Threat Prevention by downloading the EICAR Standard AntiVirus
Test File to the local system.
Although it is designed to be detected as a virus, the EICAR test file is not a virus.
Task
1 Download the EICAR file from this location:
http://www.eicar.org/download/eicar.com
If installed properly, Threat Prevention interrupts the download and displays a threat detection
dialog box.
2 Click OK.
If not installed properly, Threat Prevention does not detect the virus or interrupt the download
process. In this case, use Windows Explorer to delete the EICAR test file from the client computer,
then reinstall the product and test the new installation.
Using the MER tool for troubleshooting

The MER (Minimum Escalation Requirements) tool collects McAfee data from Endpoint Security and
other McAfee products from your computer.
McAfee support uses this data to analyze and resolve your problem.

5
Troubleshooting and reference
The information collected by the MER tool includes:
Registry details Event logs
File version details Process details
Files
McAfee provides two versions of MER:
WebMER runs on the client computer.

See How to use MER tools with supported McAfee products.
MER tool for McAfee ePO uses McAfee ePO to run the MER tool on client computers.
See How to use the MER tool for McAfee ePO.

Error messages are displayed by programs when an unexpected condition occurs that can't be fixed by
the program itself. Use this list to find an error message, an explanation of the condition, and any
action you can take to correct it.
Depending on how you launched the installation wizard, it displays a description of the error or an
error code.
Message Description Solution

Conflicting McAfee Error code: 16001 Uninstall the conflicting
product(s) found. The installation wizard detected one or more products, then try installing
conflicting McAfee products (such as Deep again.
Defender) on the system that it can't remove
automatically.
Administrator rights Error code: 16002 Log on as an administrator,

required. You must have administrator rights to run the then launch the installation
installation wizard. wizard.
Invalid Package. Error code: 16006 Download a valid package file,

Invalid package found. Please verify that you then try installing the product
have a valid package. again.
Removal failed. Error code: 16007 Remove these products

The installation wizard couldn't remove a manually before installing
previous version of this product (such as a Endpoint Security.
beta version) or a legacy product (such as Contact support if the issue
VirusScan Enterprise or SiteAdvisor persists.
Enterprise) from the system.
Installer failed to Error code: 16008 Contact McAfee support.

launch. The installation wizard was not able to
launch.
Restart required Error code: 16015 Restart the system to continue

The installation wizard requires a system with the installation.
restart to continue the installation.
Restart required Error code: 16016 Restart the system to complete

The installation wizard requires a system the installation.
restart to complete the installation.

5

Restart pending Error code: 16017 Restart the system to continue
A system restart from a previous installation with the installation.
or removal operation is pending.
Incompatible software Error code: 16018 Remove these products

removal failed. The installation wizard tried and failed to manually before installing
remove one or more incompatible software Endpoint Security.
products it detected on the system.
Installation canceled. Error code: 16020 Run the installation wizard

The user canceled the installation before it again.
completed. The installation wizard made no
changes to the user's system.
Migration failed. Error code: 16025 Run the installation wizard

The installation wizard tried to migrate again at a later time.
settings from a legacy product, but it
encountered an error.
Installation failed. Error code: 16026 Run the installation wizard

The installation wizard was interrupted before again at a later time.
it finished installing Endpoint Security. It
made no changes to your system.
Your system is not Error code: 16029, 16030, 16031 To protect your system against
protected. Your The installation wizard was interrupted before threats, contact McAfee support
previous security Endpoint Security was installed. Your as soon as possible.
software was previous software was uninstalled, but no
uninstalled, but the other changes were made to your system.
installer was interrupted
before McAfee Endpoint
Security was installed.
Call McAfee support for
assistance as soon as
possible.
Your system is not fully Error code: 16032 To fully protect your system
protected. The installer One or more Endpoint Security product against threats, call McAfee
could not install modules failed to install. Your previous support as soon as possible.
[product name]. Call software was uninstalled.
McAfee support for
assistance.
Policy import failed. Error code: 16502 Check that you selected the
The installation wizard installed Endpoint proper data to import. Contact
Security successfully, but couldn't import the support if the issue persists.
specified policy.
Policy import failed. Error code: 17001 Check that you selected the
The installation wizard couldn't import the proper data to import. Contact
specified policy. McAfee support if the issue
persists.
Installation failed and Error code: 17002 Check the installation logs on
then rollback failed. The installation wizard couldn't install the system and contact McAfee
Endpoint Security or roll back the changes it support for assistance.
made to the user's system.

5

Installation canceled Error code: 17003 Check the installation logs on
and then rollback failed. The installation was canceled before it the system and contact McAfee
completed. The installation wizard couldn't support for assistance.
roll back the changes it made to the user's
system.
Another installation Error code: 1618 Complete that installation

wizard is already Another installation is already in progress. before proceeding with the new
running. installation.
Installation failed. Error code: various See MsiExec.exe and
The installation wizard couldn't install InstMsi.exe Error Messages for
Endpoint Security. It made no changes to the descriptions of specific error
user's system. codes.
If the issue persists, contact
McAfee support.

Use command-line options to customize product installation and uninstallation from the command line.
Supported options differ by product platform.
SetupEP command-line options (McAfee ePO and McAfee ePO

Cloud deployment tasks)
Use these command-line options within a deployment task to install the product on systems managed
with McAfee ePO and McAfee ePO Cloud.
For each product module selected in a product deployment task, type supported options in the
corresponding Command line window. (Do not type the command, type only the options.)
Options are not case-sensitive.
Example
setupEP.exe INSTALLDIR="D:\Installed Programs" /l"D:\Installed Programs\Logs"
Installs the product files to a folder on drive D under Installed Programs and saves the installation
log files to a folder under Installed Programs\Logs.

5
Option Definition
INSTALLDIR="install_path" Specifies where to install the product files on the computer.
The installation wizard creates an Endpoint folder at the specified
location and installs the product to this folder.
Example:
INSTALLDIR="D:\Installed Programs"
Installs the product modules under D:\Installed Programs
\EndPoint\.
By default, product files are installed in the folder C:\windows
\Temp\McAfeeLogs.
/log"install_log_path" or / Specifies where to save the installation log files for tracking
l"install_log_path" installation events.
/l*v"install_log_path" The installation wizard creates an Endpoint folder at the
specified location and saves the log files to this folder.
Example:
/l"D:\Log Files"
Installs the product log files under D:\Log Files\EndPoint\.
By default, log files are saved in the Windows System TEMP
folder C:\windows\Temp\McAfeeLogs.
*v Specifies verbose (more descriptive) logging entries.
/nocontentupdate Does not update product content files automatically as part of the
installation process.
Content files include the latest AMCore and Exploit Prevention
Best practice: Update content files to ensure that the system is

fully protected. If you don't update them during installation,
schedule an update as soon as possible.
/override"program_name" Overrides and uninstalls conflicting products as specified:

hips McAfee Host Intrusion Prevention
Example:
/override"hips"
Uninstalls McAfee Host Intrusion Prevention automatically during
installation.
See also
Download Endpoint Security content files on page 29
Log files on page 51
SetupEP command-line options (self-managed)

Use these options with the SetupEP utility to install the product from a command line.
Open a Command Prompt window, then run the SetupEP command using the appropriate
command-line options.
Example

5
setupEP.exe INSTALLDIR="D:\My Programs" /l"D:\My Log Files"
Installs the product files to a folder on drive D under My Programs and saves the installation log files
to a folder under My Log Files.
Basic options
setupEP.exe ADDLOCAL="fw,tp,wc" [INSTALLDIR="install_path"][/qb][/qb!][/

l*v"install_log_path"]
All options
setupEP.exe ADDLOCAL="fw,tp,wc" [INSTALLDIR="install_path"][/qb][/qb!][/

l"install_log_path"][/l*v"install_log_path"] [/import <file_name>] [/module <TP|FW|WC|
ESP>] [/nopreservesettings] [/override"program_name"] [/policyname <name>] [/unlock
<password>]
Option Definition
ADDLOCAL="fw,tp,wc" Selects the product modules to install:
fw Firewall
tp Threat Prevention
wc Web Control
fw,tp,wc Install all three modules.
Example:
ADDLOCAL="tp,wc"
Installs Threat Prevention and Web Control.
INSTALLDIR="install_path" Specifies where to install the product files on the computer.

The installation wizard creates an Endpoint folder at the
specified location and installs the product to this folder.
Example:
INSTALLDIR="D:\Installed Programs"
Installs the product modules under D:\Installed Programs
\EndPoint\.
By default, product files are installed in the folder C:\windows
\Temp\McAfeeLogs.
/log"install_log_path" or / Specifies where to save the installation log files for tracking
l"install_log_path" installation events.
/l*v"install_log_path" The installation wizard creates an Endpoint folder at the
specified location and saves the log files to this folder.
Example:
/l"D:\Log Files"
Installs the product log files under D:\Log Files\EndPoint\.
By default, log files are saved in the User TEMP folder C:
\users\username\AppData\Local\Temp\McAfeeLogs.
*v Specifies verbose (more descriptive) logging entries.

5
Option Definition
/qn or /quiet Specifies how the users can interact with the installation wizard:
/qb! or /passive qn Hide all installation notifications (silent mode). Users
/qb have no interaction.
qb! Show only a progress bar without a Cancel button. Users
cannot cancel the installation while it is in progress (passive
mode).
qb Show only a progress bar with a Cancel button. Users can
cancel the installation while it is in progress, if needed.
/import <file_name> Imports policy settings from the specified file.

/module <TP|FW|WC|ESP> Applies imported policy settings to the specified product
modules.
TP Threat Prevention
FW Firewall
WC Web Control
ESP Resources shared by product modules.
Example:
/module TP FW
Imports settings to Threat Prevention and Firewall.
/nocontentupdate Do not update product content files automatically as part of the

installation process.
Content files include the latest AMCore and Exploit Prevention
Best practice: Update content files to ensure that the system

is fully protected. If you don't update them during installation,
schedule an update as soon as possible.
/nopreservesettings Do not migrate your product settings to Endpoint Security.

By default, settings are preserved.
/override"program_name" Overrides and uninstalls conflicting products as specified:

hips McAfee Host Intrusion Prevention
Example:
/override"hips"
Uninstalls McAfee Host Intrusion Prevention automatically during
installation.
/policyname <name> Assigns the specified policy to systems where the product is
installed.
/unlock <password> Sets the password for unlocking the client UI.
See also
Download Endpoint Security content files on page 29
Log files on page 51
Create a custom policy to import on page 21

5
ESConfigTool command-line options

Use these options with the ESConfigTool utility to create a file of preconfigured policy settings that
you can import during installation of Endpoint Security.
Open a Command Prompt window, then run the ESConfigTool command using the appropriate
command-line options.
Example
ESConfigTool.exe /export C:\ENS\preconfigured.policy /module TP FW
Exports policy settings for Threat Prevention and Firewall to the file C:\ENS\preconfigured.policy.
Basic options
ESConfigTool.exe /export <file_name> [/module <TP|FW|WC|ESP> ] [/unlock <password> ]

[/plaintext ]
Option Definition
/export Saves policy settings to a file with the specified name and location.
<file_path_and_name>
Example:
/export C:\My Programs\Endpoint\preconfigured.policy
Exports settings to the file preconfigured.policy in the C:\My
Programs\Endpoint folder.
Save this file to a folder that is not protected by McAfee. The folder
containing ESConfigTool is protected, so the export location should
be a different, writable location.
/module <TP|FW|WC|ESP> Specifies which product module settings to export.

TP Threat Prevention
FW Firewall
WC Web Control
ESP Resources shared by product modules.
Example:
/module TP FW WC ESP
Exports settings for all product modules.
/unlock <password> Sets the password for unlocking the client UI.
/plaintext Specifies descriptive comments in human-readable format.
See also
Create a custom policy to import on page 21

5
Log files
Log files
The installation wizard tracks details about installation, uninstallation, and migration in log files that
you can use to verify results and troubleshoot problems.
Default location of installation log files

By default, the installation wizard installs the installation log files in a TEMP folder. Use command-line
options to change the location for the log files.
Management platform Installation log file location

McAfee ePO Windows System TEMP folder
McAfee ePO Cloud (C:\Windows\TEMP\McAfeeLogs by default)
Self-managed User TEMP folder %Temp%\McAfeeLogs

(C:\Users\username\AppData\Local\Temp\McAfeeLogs by default)
Types of log files

Check these log files for details about installation, uninstallation, and migration.
Log file name Type of information

McAfee_<module>_Install_XX.log Installation log for each product module.
Example: McAfee_TP_Install_XX.log
McAfee_<Module>_Bootstrapper_XX.log Bootstrapper for each product module.

McAfee_Endpoint_BootStrapper_XX.log Bootstrapper for self-managed Master SETUPEP.
McAfee_<Module>_CustomAction_Install_XX.log MSI Custom Action for each product module.
McAfee_Endpoint_CompetitorUninstaller.log Removal of incompatible virus-protection and
firewall products.
McAfee_<Module>_UnInstall_XX.log Uninstallation log for each product module.
McAfee_<Module>_CustomAction_Uninstall_XX.log MSI Custom Action for each product module for
uninstallation.
McAfee_Endpoint_Security_Migration_xxx.log Removal of legacy products.
Example:
McAfee_Endpoint_Security_Migration_McAfee
VirusScan
Enterprise_8.8_06042015195245175.log
McAfee_<module>_Migration_Plugin.log Preserve and restore status of migrated legacy

settings, per module.
Example: McAfee_TP_Migration_Plugin.log
McAfee_ESP_Migration_Plugin.log Legacy settings migrated to the Common

Options policy.

5
Log files

A Adaptive Threat Protection installation
Adaptive Threat Protection is an optional Endpoint Security module that analyzes content from your
enterprise and decides what to do based on file reputation, rules, and reputation thresholds.
You must manually install the components for Adaptive Threat Protection separately after Endpoint
Security installation is complete.
The Adaptive Threat Protection module is supported on Windows systems only.
Contents
About Adaptive Threat Protection
Install the product in managed environments
Install the product on self-managed systems
About Adaptive Threat Protection

Adaptive Threat Protection is an optional Endpoint Security module that analyzes content and decides
what to do based on file reputation, rules, and reputation thresholds.
You can install Adaptive Threat Protection on Windows systems that are:
Managed with McAfee ePO
Self-managed
Adaptive Threat Protection isn't supported on systems managed by McAfee ePO Cloud.
Adaptive Threat Protection works with Endpoint Security Threat Prevention version 10.5. The Threat
Prevention and Common modules must be installed on the systems where Adaptive Threat Protection
is installed.
McAfee ePO systems If the product packages are checked in but not installed for these modules,
they are installed automatically when you install Adaptive Threat Protection.
Self-managed systems If these modules are not installed, you can't install Adaptive Threat
Protection.
Content files for Adaptive Threat Protection contain rules to dynamically compute the reputation of
files and processes on the managed systems. They are updated every two months as part of the
AMCore content package.

A
Adaptive Threat Protection installation

Use this information to install and use Endpoint Security Adaptive Threat Protection in network
environments managed with McAfee ePO.
Tasks
Download and check in the components to McAfee ePO on page 57
Check in the required Adaptive Threat Protection components to the McAfee ePO server. If
you plan to install the TIE server, you also need to download and check in the Data
Exchange Layer.
Deploy Adaptive Threat Protection on page 58
Deploy the Adaptive Threat Protection client package to managed systems. If you plan to
install the TIE server, you also need to deploy the DXL Client.
Verify the deployment on page 58
After installing the Adaptive Threat Protection components, verify the deployment to
managed systems. If you plan to install the TIE server, also verify deployment for the Data
Exchange Layer.
Uninstall Adaptive Threat Protection on page 59
Remove the product software from managed systems remotely from the management
console or locally at the managed system.
Using Adaptive Threat Protection on managed systems

You can use McAfee ePO to configure, manage, deploy, and enforce Adaptive Threat Protection
policies. Once configured, you can then use queries and dashboards to monitor your environment for
threats.
Optional components
Adaptive Threat Protection can integrate with these optional components:
TIE server A server that stores information about file and certificate reputations, then passes
that information to other systems.
TIE server is optional. For information about the server, see the Threat Intelligence Exchange
Product Guide.
Data Exchange Layer Clients and brokers that enable bidirectional communication between the
Adaptive Threat Protection module on the managed system and the TIE server.
Data Exchange Layer is optional, but it is required for communication with TIE server. See McAfee
Data Exchange Layer Product Guide for details.
These components are installed as McAfee ePO extensions and add several new features and reports.
How Adaptive Threat Protection works

Adaptive Threat Protection functions differently, depending on whether TIE server is deployed:
If TIE server isn't available and the system is connected to the Internet, Adaptive Threat Protection
uses McAfee GTI for reputation decisions.
If TIE server isn't available and the system isn't connected to the Internet, Adaptive Threat
Protection determines the file reputation using information about the local system.
If TIE server is available, Adaptive Threat Protection uses the Data Exchange Layer framework to
share file and threat information instantly across the whole enterprise.
See the Endpoint Security Adaptive Threat Protection Help for more information.

A
System requirements for Adaptive Threat Protection

Adaptive Threat Protection is supported in McAfee ePO environments that meet the requirements
described in Chapter 2. Make sure that your system environment meets these additional requirements
and that you have administrator rights.
Products Components Version Notes

VMware vSphere 5.1.0 with Optional. Required if deploying the
VMWare vSphere TIE server.
ESXi 5.1 or later
See the McAfee Threat Intelligence
Exchange Server Product Guide.
Threat Intelligence Threat Intelligence 1.2 Optional. See the McAfee Threat
Exchange Exchange (TIE) Intelligence Exchange Server Product
server Guide.
McAfee ePO server 5.1.1, 5.3
(on-premise only)
McAfee ePO product McAfee Agent for 5.0.2.333 or later Automatically checked in when you
packages (checked Windows (5.0.4 check in Endpoint Security to McAfee
in to the Master recommended) ePO.
Repository)
Data Exchange 2.0.0 Optional. Required if deploying the
Layer Client TIE server.
package
Endpoint Security 10.5 Automatically checked in when you
Platform check in Endpoint Security to McAfee
ePO.

Threat Prevention check in Endpoint Security to McAfee
ePO.
Endpoint Security 10.5 Separate package.

Adaptive Threat
Protection Best practice: To use all the
newest features, install the 10.5
version of Adaptive Threat
Protection with the 10.5 version
of Endpoint Security.
McAfee ePO product McAfee Agent 5.0.2.333 or later Automatically checked in when you
extensions (installed extension (5.0.4 check in the Endpoint Security
in Extensions) recommended) product to McAfee ePO.

Platform check in the Endpoint Security
product to McAfee ePO.

Threat Prevention check in the Endpoint Security
extension product to McAfee ePO.
Endpoint Security 10.5 Required. Separate package.

Adaptive Threat
Protection
extension
Threat Intelligence 1.1 Optional. Required if deploying the
Exchange Server TIE server.
extension

A
Products Components Version Notes

Products deployed McAfee Agent 5.0.2.333 or later For more information about this
to your managed (5.0.4 component, see the McAfee Agent
systems recommended) Product Guide.
Data Exchange 2.0.0 Optional. Required if deploying the
Layer Client TIE server.
package
Can be deployed as part of the
Endpoint Security deployment.
Endpoint Security 10.5 Can be deployed as part of the

Platform Endpoint Security deployment.
If you have checked in this product
package to the Master Repository
but not deployed it, it is deployed
along with Adaptive Threat
Protection.
Endpoint Security 10.5 Can be deployed as part of the

Threat Prevention Endpoint Security deployment.
If you have checked in this product
package to the Master Repository
but not deployed it, it is deployed
along with Adaptive Threat
Protection.
Endpoint Security 10.2 or 10.5 Endpoint Security version 10.5

Adaptive Threat supports Endpoint Security Threat
Protection Intelligence version 10.2 or Endpoint
Security Adaptive Threat Protection
version 10.5.
Best practice: To use all the

newest features, install the 10.5
version of Adaptive Threat
Protection with the 10.5 version
of Endpoint Security.
Overview of Adaptive Threat Protection installation process

Complete these tasks to install and use Adaptive Threat Protection in managed network environments.
Tasks related to the TIE server are required only when the TIE server is installed.
1 Install the Endpoint Security product files on McAfee ePO.

At a minimum, install the Endpoint Security Threat Prevention and Endpoint Security Platform
extensions. These are installed as part of the Endpoint Security bundle.
Check in the Endpoint Security Client product deployment package to the Master Repository.
2 Download and check in the product components to McAfee ePO.
3 (Required for TIE server only.) Install the Data Exchange Layer product files on McAfee ePO.
Install the Data Exchange Layer extension.
Check in the Data Exchange Layer product deployment package to the Master Repository.

A
4 Install the Adaptive Threat Protection product files on McAfee ePO.

Install the Adaptive Threat Protection extension.
Check in the Adaptive Threat Protection product deployment package to the Master Repository.
5 Deploy the correct version of McAfee Agent to managed systems.
6 (Required for TIE server only.) Deploy the Data Exchange Layer package to managed systems.
7 Deploy Endpoint Security (at least Threat Prevention and Endpoint Security Platform) and Adaptive
Threat Protection to managed systems.
You can use a single deployment task for steps 6 and 7.
8 Verify the deployment.
9 (Required for TIE server only.) Install and configure the Threat Intelligence Exchange (TIE) server.
See the McAfee Threat Intelligence Exchange Product Guide.
See also
Install the product files on the management server on page 28
Deploy to multiple systems with deployment tasks on page 29
Download and check in the components to McAfee ePO

Check in the required Adaptive Threat Protection components to the McAfee ePO server. If you plan to
install the TIE server, you also need to download and check in the Data Exchange Layer.
Before you begin

The Endpoint Security product files (at least the Threat Prevention and Endpoint Security
Platform packages) are installed on the McAfee ePO server, and the Endpoint Security
Client product deployment package is added to the Master Repository.
Task
1 In McAfee ePO, select Menu | Software | Software Manager.
2 (Required only for TIE server) Check in the McAfee Data Exchange Layer package:
a From Management Solutions, select McAfee Data Exchange Layer 2.0.
b Check in the DXL Bundle package.
3 Check in the Adaptive Threat Protection package:

a From Endpoint Security, select McAfee Endpoint Security 10.5.
b Check in the Endpoint Security Adaptive Threat Protection package.
See also
Install the product files on the management server on page 28

A
Deploy Adaptive Threat Protection

Deploy the Adaptive Threat Protection client package to managed systems. If you plan to install the
TIE server, you also need to deploy the DXL Client.
Before you begin

McAfee Endpoint Security, including the Endpoint Security Platform and Threat Prevention
modules, is deployed to the managed system. If you have checked in the client packages
for these modules to the McAfee ePO server, but have not deployed them, the installation
wizard deploys them with Adaptive Threat Protection. The systems where you install the
product must meet the requirements.
If Endpoint Security Threat Intelligence version 10.2 is installed, it is removed automatically during
this installation process.
See the McAfee ePO Help for details about deploying software.
Task
1 In McAfee ePO, select Menu | Software | Product Deployment, then click New Deployment.
2 Complete the new deployment information, being sure to deploy the packages in this order:
1 Data Exchange Layer Client Required only if you plan to install the TIE server.
2 Endpoint Security Adaptive Threat Protection
3 Start the deployment.
See also
System requirements for Adaptive Threat Protection on page 55
System requirements for Endpoint Security on page 15
Deploy to multiple systems with deployment tasks on page 29
Verify the deployment

After installing the Adaptive Threat Protection components, verify the deployment to managed
systems. If you plan to install the TIE server, also verify deployment for the Data Exchange Layer.
Task
1 In the System Tree, click the group or system name, then click the Products tab.
2 Verify that the following components are listed:

McAfee DXL Client Required only if you plan to install the TIE server.
McAfee Endpoint Security Adaptive Threat Protection

A
What to do after installation

When you have finished installing Adaptive Threat Protection, you need to set up the product.
See the Endpoint Security Adaptive Threat Protection Help for information about:
Using Adaptive Threat Protection to detect and respond to threats in your environment
Accessing Adaptive Threat Protection reports in McAfee ePO
For additional threat intelligence sources and functionality, you can also deploy the Threat Intelligence
Exchange server. See the McAfee Threat Intelligence Exchange Product Guide for information about
installing and configuring the optional server.
Uninstall Adaptive Threat Protection

Remove the product software from managed systems remotely from the management console or
locally at the managed system.
You can continue to use Endpoint Security after uninstalling Adaptive Threat Protection. To uninstall
Endpoint Security product modules, complete this task, then follow the instructions for uninstalling
Endpoint Security.
Task
Remove the client software using one of these methods.
To uninstall... Do this...
From multiple 1 On the security management console, select Menu | Policy | Product Deployment.
systems
remotely 2 Duplicate the deployment task you used to install Adaptive Threat Protection,
then specify Remove as the Action.
If you also selected Threat Prevention and Endpoint Security Platform
(Common) in the original deployment task, they will be uninstalled.
3 Verify that the client software was uninstalled from the selected systems.
Click Dashboards, then select Endpoint Security: Installation Status.
See the McAfee ePO product guide for more information about using product
deployment tasks.
From the local 1 Open the Windows Control Panel, then go to the Uninstall Programs screen.
managed system
2 In the list of programs, select McAfee Endpoint Security Adaptive Threat Protection, then
click Uninstall.
3 If prompted, enter a password.
You must uninstall Adaptive Threat Protection before uninstalling Threat
Prevention.
See also
Uninstall from systems managed with McAfee ePO or McAfee ePO Cloud on page 34

A

Use this information to install and use Endpoint Security Adaptive Threat Protection on self-managed
systems.
Tasks
Install Adaptive Threat Protection on the system on page 61
Install the product software on a self-managed system after installing version 10.5 of
McAfee Endpoint Security.
Verify the installation on self-managed systems on page 61
After installing Adaptive Threat Protection, verify the installation.
Uninstall Adaptive Threat Protection on self-managed systems on page 62
Remove the product software on a self-managed system from the Windows Control Panel.
Using Adaptive Threat Protection on self-managed systems

On self-managed systems, the Endpoint Security Adaptive Threat Protection module allows you to
create rules for blocking and allowing a file or certificate based on its reputation, containing files with
Dynamic Application Containment, and using Real Protect.
Adaptive Threat Protection protects systems even when they're not connected to the internet.
If the system is connected to the Internet, Adaptive Threat Protection uses McAfee GTI for
reputation decisions.
If the system isn't connected to the Internet, Adaptive Threat Protection determines the file
reputation using information on the local system.
See the Endpoint Security Adaptive Threat Protection Help for more information.
System requirements for Adaptive Threat Protection on self-

managed systems
Adaptive Threat Protection is supported on self-managed systems that meet the requirements
described in Chapter 2. Make sure that your system also meets these additional requirements and that
you have administrator rights.
Components Version Notes

McAfee Agent 5.0.2.333 or later The install wizard automatically upgrades version
(5.0.4 recommended) 4.0 and later of the agent to a supported version
during Endpoint Security upgrades. You can also
upgrade the agent manually.
Endpoint Security 10.5 Can be installed as part of the Endpoint Security

Platform bundle.
Endpoint Security Threat 10.5 Can be installed as part of the Endpoint Security
Prevention bundle.
Endpoint Security 10.5

Adaptive Threat
Protection

A
Overview of Adaptive Threat Protection installation process

Complete these tasks to install and use Adaptive Threat Protection on self-managed systems.
1 Install the correct version of McAfee Agent.
2 Install Endpoint Security components (at least Threat Prevention and Endpoint Security Platform).
3 Install Adaptive Threat Protection.
4 Verify the deployment.
5 Set up and verify that the features are working correctly.
Install Adaptive Threat Protection on the system

Install the product software on a self-managed system after installing version 10.5 of McAfee Endpoint
Security.
Before you begin

McAfee Endpoint Security version 10.5, including the Endpoint Security Platform and Threat
Prevention modules, is installed on the system. The systems where you install the product
must meet the requirements.
If Endpoint Security Threat Intelligence version 10.2 is installed, it is removed automatically during
this installation process.
Task
1 Download the Adaptive Threat Protection .zip file to the self-managed system.
If you purchase the product online, McAfee or another provider sends instructions and a URL for
downloading the product.
2 Unzip the contents of the file, then double-click setupatp.exe.
See also
System requirements for Adaptive Threat Protection on self-managed systems on page 60
Verify the installation on self-managed systems

After installing Adaptive Threat Protection, verify the installation.
Task
2 In the list of programs, verify that these products appear.

McAfee Endpoint Security Adaptive Threat Protection

A
What to do after installation

When you have finished installing Adaptive Threat Protection on the self-managed system, make sure
that it is working as expected.
1 If proxies are configured in your environment, update the McAfee GTI proxy settings in the
Common module.
2 Check the About box to confirm that Adaptive Threat Protection reports McAfee GTI connectivity.
Without McAfee GTI connectivity, detections might be reduced.
3 Select the appropriate rule group based on your needs. See the Endpoint Security Adaptive Threat
Protection Help for more information.
4 Configure Dynamic Application Containment. Configure exclusions, specify the trigger threshold,
and set rules to block. See the Endpoint Security Adaptive Threat Protection Help for more
information.
Best practice: By default, Dynamic Application Containment rules are set to report only. For
information about Dynamic Application Containment rules, including best practices for when to set a
rule to report or block, see KB87843.
Uninstall Adaptive Threat Protection on self-managed systems

Remove the product software on a self-managed system from the Windows Control Panel.
You can continue to use Endpoint Security after uninstalling Adaptive Threat Protection. To uninstall
Endpoint Security product modules, complete this task, then follow the instructions for uninstalling
Endpoint Security.
Task
2 In the list of programs, select McAfee Endpoint Security Adaptive Threat Protection, then click Uninstall.
3 If prompted, enter a password.

4 Wait for the wizard to report that it has uninstalled the product. If you do not see a notification,
check the Event Log to verify that the product was removed successfully.
See also
Uninstall from a self-managed system on page 40

Index
A browser requirements 15
about this guide 5

Adaptive Threat Protection
C
about 7 client software
and Data Exchange Layer Client 54 how it works 9
and Threat Prevention 53 installing, McAfee ePO Cloud systems 33
content files 53 installing, McAfee ePO systems 29, 33
description 53 installing, self-managed systems 38, 39
documentation 59 Linux 14
Adaptive Threat Protection, McAfee ePO systems Macintosh 14
after the installation 59 requirements 15
checking in components 57 testing threat prevention 43
content files, updates 29 uninstalling 34, 40
deploying 58 command-line installation
how product works 54 ESConfigTool utility, command-line options 50
installation overview 56 McAfee ePO Cloud systems 29
optional components 54 McAfee ePO systems 29
system requirements 55 self-managed systems 39
uninstalling 59 SetupEP utility, command-line options 46, 47
verifying the deployment 58 Common module, Endpoint Security Client 7
Adaptive Threat Protection, self-managed systems compatibility
after the installation 62 Deep Defender 17
best practices 62 firewalls 17
how product works 60 Host Intrusion Prevention 17, 27
installation overview 61 McAfee Agent 22, 27
installing 61 previous product versions 22
system requirements 60 conflicting software 17
uninstalling 62 content files 53
verifying the installation 61 content files, updates 29
AMCore content files, updates 29 conventions and icons used in this guide 5
custom product packages, See preconfiguration of product
B features
best practices
D
Adaptive Threat Protection, observe mode 62
Data Exchange Layer
before installing and upgrading 18
deploying 58
customizing product settings 18
verifying the deployment 58
preparing to migrate legacy policies 22
Data Exchange Layer Client
rebooting after installation 25, 37
and Threat Prevention 54
reinstalling client software 34, 40
installation overview 56
running McAfee GetClean tool 18
testing custom packages 19 Deep Defender, compatibility 17
deployment
updating content files during installation 46, 47
Adaptive Threat Protection 58
version to install, Adaptive Threat Protection 55, 60
Data Exchange Layer client 58

Index
deployment (continued) installation (continued)

McAfee ePO Cloud systems, product deployment task 29 requirements 15
McAfee ePO Cloud systems, URL 3133 security management platform requirements 15
McAfee ePO systems, product deployment task 29 Threat Intelligence Exchange server, overview 56
McAfee ePO systems, URL 3133 upgrading the product 22
documentation installation, Adaptive Threat Protection
Adaptive Threat Protection 59 after the installation, McAfee ePO systems 59
audience for this guide 5 after the installation, self-managed systems 62
product-specific, finding 6 checking in components, McAfee ePO systems 57
Threat Intelligence 62 deploying to McAfee ePO systems 58
typographical conventions and icons 5 installing on self-managed systems 61
Dynamic Application Containment 60, 62 overview, McAfee ePO systems 56
overview, self-managed systems 61
E requirements, McAfee ePO systems 55
EICAR test virus 43 requirements, self-managed systems 60
Endpoint Security for Linux, system requirements 15 verifying the deployment, McAfee ePO systems 58
Endpoint Security for Mac, system requirements 15 verifying the installation, self-managed systems 61
Endpoint Security Package Designer installation, McAfee ePO Cloud systems
best practices 18 command-line options 46
creating custom packages 19 creating installation URL 31, 32
installing custom packages 20 installing with URL 33
Endpoint Security Platform, uninstalling 34, 40 overview 25
error codes and messages 44 product deployment task 29
ESConfigTool utility sending installation URL 31, 32
command-line options 50 verification 34
exporting custom policy for installation 21 installation, McAfee ePO systems
Exploit Prevention content files, updates 29 command-line options 46
creating installation URL 31, 32
F installing on security management server 28
installing with URL 33
Firewall
overview 25
about 7
product deployment task 29
firewalls, compatibility 17
sending installation URL 31, 32
verification 34
G
installation, self-managed systems
GetClean tool 18 command-line options 47
installing with command line 39
H overview 37
Host Intrusion Prevention verification 39
compatibility 17 wizard 38
McAfee Agent and 27
L
I legacy products
import, custom policy during installation 21 compatibility 22
installation migrating settings, overview 8, 22
browser requirements 15 upgrades, self-managed systems 38
checklist 23 upgrading, overview 8, 22
conflicting software 17 license information, McAfee ePO Cloud systems 25
creating custom policy to import 21 Linux support
creating preconfigured custom packages 19 client software 14
error codes and messages 44 requirements 15
log files, Endpoint Security 51 log files
preconfigured custom packages 20 Endpoint Security, installation 51
preconfiguring the product 18

Index
M N
Macintosh support non-Microsoft browsers 15
client software 14
requirements 15 O
management platforms, See security management platforms operating systems, supported
management server, See security management server Adaptive Threat Protection 55, 60
McAfee Agent Endpoint Security 15
Host Intrusion Prevention, compatibility 27
installation requirements, Adaptive Threat Protection 55, 60
P
installation requirements, all platforms 15
upgrading, McAfee ePO Cloud systems 27 policies
upgrading, McAfee ePO systems 27 migrating, best practice 22
upgrading, self-managed systems 38 migrating, overview 8, 22
McAfee ePO Cloud systems migrating, precedence 20
command-line options 46 preconfiguring 1821
creating installation URL 31, 32 preconfiguration of product features
creating product deployment task 29 best practices 18
installation overview 25 creating custom packages 19
installing with command line 29 creating custom policy to import 21
installing with URL 33 installing custom packages 20
license information 25 migration and 20
security management platform overview 13 overview 18
sending installation URL 31, 32 preserved settings, self-managed systems 3739
uninstalling the product 34 product deployment task
upgrading McAfee Agent 27 McAfee ePO Cloud systems 29
verifying installation 34 McAfee ePO systems 29
McAfee ePO systems
Adaptive Threat Protection and 53 R
command-line options 46 Real Protect 60, 62
creating installation URL 31, 32 remove, See uninstallation
creating product deployment task 29 requirements
installation overview 25 Adaptive Threat Protection, McAfee ePO systems 55
installing on security management server 28 Adaptive Threat Protection, self-managed systems 60
installing with command line 29 browser 15
installing with URL 33 Linux systems 15
preconfigured settings 19, 20 Macintosh systems 15
security management platform overview 11 McAfee Agent 15
sending installation URL 31, 32 security management platforms 15
updating content files 29 Windows systems 15
upgrading McAfee Agent 27
verifying installation 34
S
McAfee ePO systems, uninstallation 34
McAfee GTI 18, 54, 60, 62 security level, browser 15
McAfee ServicePortal, accessing 6 security management platforms
MER tool, troubleshooting 43 McAfee ePO Cloud, overview 13
migration McAfee ePO, overview 11
compatible legacy products 22 options 11
custom policies and 20 overview 10
log files 51 requirements 15
self-managed systems, See upgrades self-managed systems
modules Adaptive Threat Protection and 60
about Endpoint Security 7 command-line options 47, 50
installation, command line 39
installation, overview 37
installation, wizard 38

Index
self-managed systems (continued) uninstallation (continued)

preconfigured settings 18, 21 Endpoint Security Platform 34, 40
preserved settings 37 log files, Endpoint Security 51
uninstalling the product 40 McAfee ePO Cloud systems 34
upgrades, overview 37 McAfee ePO systems 34
upgrading McAfee Agent 38 self-managed systems 40
upgrading product 38 uninstallation, Adaptive Threat Protection
verifying installation 39 McAfee ePO systems 59
verifying preserved settings 39 self-managed systems 62
servers unmanaged systems, See self-managed systems
server-side installation, McAfee ePO 28 updates, content files 29
supported operating systems, Endpoint Security 15 upgrades
ServicePortal, finding product documentation 6 Endpoint Security, overview 8, 22
Setup utility, See SetupEP utility or SetupATP utility legacy products, overview 8, 22
SetupATP utility 61 McAfee Agent, McAfee ePO Cloud systems 27
SetupEP utility McAfee Agent, McAfee ePO systems 27
command-line options 46, 47 McAfee Agent, self-managed systems 38
using, McAfee ePO Cloud systems 29 overview, McAfee ePO Cloud systems 25
using, McAfee ePO systems 29 overview, McAfee ePO systems 25
using, self-managed systems 39 overview, self-managed systems 37
silent installation verifying, McAfee ePO Cloud systems 34
McAfee ePO Cloud systems 29 verifying, McAfee ePO systems 34
McAfee ePO systems 29 verifying, self-managed systems 39
self-managed systems 39 wizard, self-managed systems 38
SetupEP utility, command-line options 46, 47 URL installation
standalone systems, See self-managed systems McAfee ePO Cloud systems 3133
system requirements, See requirements McAfee ePO systems 3133
utilities
T ESConfigTool 21, 50
technical support, finding product information 6 SetupATP 61
Threat Intelligence SetupEP 46, 47
documentation 62
Threat Intelligence Exchange server 5456 V
Threat Prevention verification, installation
about 7 Adaptive Threat Protection, McAfee ePO systems 58
and Adaptive Threat Protection 53 Adaptive Threat Protection, self-managed systems 61
threat prevention, test 43 McAfee ePO Cloud systems 34
TIE server, See Threat Intelligence Exchange server McAfee ePO systems 34
tools self-managed systems 39
ESConfigTool 21 virus protection, test 43
MER and WebMER 43
troubleshooting W
error codes and messages, Endpoint Security 44
Web Control
using the MER tools 43
about 7
viewing log files, Endpoint Security 51
WebMER tool, troubleshooting 43
Windows firewall 17
U Windows support, requirements 15
uninstallation
conflicting software 17

0-00

ENS 10.5 Installation

Diunggah oleh

Informasi Dokumen

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

ENS 10.5 Installation

Diunggah oleh

Hak Cipta:

Format Tersedia

Installation Guide

McAfee Endpoint Security 10.5.0

2 McAfee Endpoint Security 10.5.0 Installation Guide

4 Installation for self-managed systems 37

McAfee Endpoint Security 10.5.0 Installation Guide 3

Install with the installation wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

5 Troubleshooting and reference 43

A Adaptive Threat Protection installation 53

4 McAfee Endpoint Security 10.5.0 Installation Guide

About this guide

Italic Title of a book, chapter, or topic; a new term; emphasis

Caution: Important advice to protect your computer system, software installation,

McAfee Endpoint Security 10.5.0 Installation Guide 5

Find product documentation

6 McAfee Endpoint Security 10.5.0 Installation Guide

McAfee ePolicy Orchestrator (McAfee ePO ) version 5.1.1 and later

McAfee ePolicy Orchestrator Cloud (McAfee ePO Cloud)

Endpoint Security modules

McAfee Endpoint Security 10.5.0 Installation Guide 7

Options for installation and upgrades

Automated installation and deployment

Side-by-side management and upgrades

On McAfee ePO-managed systems The Endpoint Migration Assistant provides two

8 McAfee Endpoint Security 10.5.0 Installation Guide

How the product works

The role of the client software

Deletes or quarantines detected viruses.

Removes potentially unwanted programs, such as spyware or adware.

Blocks or warns of suspicious activity, depending on product settings.

Blocks or warns of unsafe websites, depending on product settings.

McAfee Endpoint Security 10.5.0 Installation Guide 9

Upgrades to software components.

If new versions are available, the client software downloads them.

Receive new policy assignments.

The role of the security management platform

Deploy product software to managed systems.

Manage protection for systems running on multiple operating system platforms.

Endpoint Security adapts to any of these environments.

10 McAfee Endpoint Security 10.5.0 Installation Guide

Security management options

Supports desktops and laptops.

Requires no management server or server-side components.

Is installed on the local system by local users.

Features Managed with McAfee Managed with

Management with McAfee ePO

McAfee Endpoint Security 10.5.0 Installation Guide 11

Threat events (information about detections)

The McAfee Agent deployed to each system facilitates:

Product deployments and updates

Reporting on managed systems

2 The administrator deploys client software to managed systems.

12 McAfee Endpoint Security 10.5.0 Installation Guide

Management with McAfee ePO Cloud

McAfee Endpoint Security 10.5.0 Installation Guide 13

Where to go from here

When you are ready to begin, follow this process.

2 Follow the instructions in the chapter for your management environment.

To install on systems managed with... Go to...

3 See Chapter 5 for reference or troubleshooting information.

14 McAfee Endpoint Security 10.5.0 Installation Guide

System requirements for Endpoint Security

System and hardware requirements

Endpoint Security KB82761

Endpoint Security for Mac KB84934