TRADEMARK ATTRIBUTIONS
Intel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee and the McAfee logo, McAfee Active
Protection, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, McAfee Evader, Foundscore, Foundstone, Global Threat Intelligence,
McAfee LiveSafe, Policy Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, McAfee Shredder, SiteAdvisor, McAfee Stinger, McAfee TechMaster, McAfee
Total Protection, TrustedSource, VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries.
Other marks and brands may be claimed as the property of others.
LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS
FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU
HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR
SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A
FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET
FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF
PURCHASE FOR A FULL REFUND.
Preface 5
About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Find product documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1 Product overview 7
Endpoint Security modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Options for installation and upgrades . . . . . . . . . . . . . . . . . . . . . . . . . . 8
New features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
How the product works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
The role of the security management platform . . . . . . . . . . . . . . . . . . . 10
Security management options . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Self-management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Management with McAfee ePO . . . . . . . . . . . . . . . . . . . . . . . . . 11
Management with McAfee ePO Cloud . . . . . . . . . . . . . . . . . . . . . . . 13
Where to go from here . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
2 Pre-installation 15
System requirements for Endpoint Security . . . . . . . . . . . . . . . . . . . . . . . 15
Other virus-detection and firewall software . . . . . . . . . . . . . . . . . . . . . . . 17
Preparing to install or upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Preconfiguring the product . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Create custom packages with Endpoint Security Package Designer . . . . . . . . . . . 19
Install custom packages with McAfee ePO . . . . . . . . . . . . . . . . . . . . . 20
Create a custom policy to import . . . . . . . . . . . . . . . . . . . . . . . . 21
Upgrading an existing version of the product . . . . . . . . . . . . . . . . . . . . . . . 22
Are you ready to install? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3 Installation for systems managed with McAfee ePO and McAfee ePO Cloud 25
Installation overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Upgrade the McAfee Agent on McAfee ePO-managed systems . . . . . . . . . . . . . . . . 27
Install the product files on the management server . . . . . . . . . . . . . . . . . . . . 28
Download Endpoint Security content files . . . . . . . . . . . . . . . . . . . . . . . . 29
Deploy to multiple systems with deployment tasks . . . . . . . . . . . . . . . . . . . . 29
Install on local systems with an installation URL . . . . . . . . . . . . . . . . . . . . . 31
Install the product with default settings . . . . . . . . . . . . . . . . . . . . . . 31
Install the product with custom settings . . . . . . . . . . . . . . . . . . . . . 32
Install with an installation URL . . . . . . . . . . . . . . . . . . . . . . . . . 33
Verify the installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Uninstall from systems managed with McAfee ePO or McAfee ePO Cloud . . . . . . . . . . . 34
Index 63
This guide provides the information you need to work with your McAfee product.
Contents
About this guide
Find product documentation
Audience
McAfee documentation is carefully researched and written for the target audience.
The information in this guide is intended primarily for:
Administrators People who implement and enforce the company's security program.
Conventions
This guide uses these typographical conventions and icons.
Task
1 Go to the ServicePortal at https://support.mcafee.com and click the Knowledge Center tab.
2 In the Knowledge Base pane under Content Source, click Product Documentation.
3 Select a product and version, then click Search to display a list of documents.
McAfee Endpoint Security is a fully integrated security solution that protects servers, endpoint
computer systems, laptops, and tablets against a full spectrum of threats. These threats include
malware, suspicious communications, unsafe websites, and downloaded files. Endpoint Security
intercepts threats, monitors overall system health, and reports detection and status information.
The product can be installed on self-managed (standalone) systems or systems managed by these
security management platforms:
For the latest Endpoint Security management license and entitlement information, see KB87057.
Contents
Endpoint Security modules
Options for installation and upgrades
New features
How the product works
Security management options
Where to go from here
Firewall Monitors communication between the computer and resources on the network and the
Internet. Intercepts suspicious communications.
Web Control Displays safety ratings and reports for websites during online browsing and
searching. Web Control enables the site administrator to block access to websites based on safety
rating or content.
Adaptive Threat Protection Analyzes content from your enterprise and decides what to do
based on file reputation, rules, and reputation thresholds.
Adaptive Threat Protection is an optional Endpoint Security module. For additional threat
intelligence sources and functionality, deploy the Threat Intelligence Exchange server. For
information, contact your reseller or sales representative.
Adaptive Threat Protection isn't supported on systems managed by McAfee ePO Cloud.
In addition, the Common module provides settings for common features, such as interface security
and logging. This module is installed automatically if any other module is installed.
Automated wizards Install and deploy the product with preconfigured, default settings and
minimal interaction during installation.
Customized options Use the Endpoint Security Package Designer to create custom product
packages that include preconfigured policy settings. Specify installation features, such as installing
silently.
Single or multiple targets Install on local systems or deploy remotely to all managed systems.
Management of multiple client versions and platforms Use McAfee ePO and McAfee ePO
Cloud with the McAfee Agent to manage 10.010.5 versions of the Endpoint Security Client on
Windows systems and compatible client software on Mac and Linux systems.
Migration of custom settings Migrate your settings from legacy products for use with
Endpoint Security.
On self-managed systems The installation wizard preserves your settings during the
upgrade process, by default. You can specify the products to upgrade.
New features
The current release of the product includes these new features.
See the McAfee Endpoint Security Release Notes for a complete listing of new product features and
enhancements in this release.
For managed systems Typically, an administrator installs the client software, manages
detections, and sets up security rules, called policies, that determine how product features work.
Depending on the policies configured by the administrator, users might be able to customize some
product features.
1 It silently monitors all file input and output, downloads, program executions, inbound and outbound
communications, visits to websites, and other systemrelated activities on managed systems, then:
Indicates unsafe websites with a colorcoded button or icon in the browser window or search
results page. These indicators provide access to safety reports that detail site-specific threats.
2 It regularly connects to a local or remote McAfee ePO server or directly to a site on the Internet to
check for:
Updates to content files, which contain information that Endpoint Security uses to detect
threats. These files are updated as new threats are discovered to ensure that systems are
always protected against the latest threats.
3 It logs security information for each managed system, including protection status and details about
detections. Users can view this information in the client console on self-managed systems and on
managed systems where policy settings are configured to allow it.
4 (Managed systems only) It regularly communicates with a security management server to:
Send logged security information.
Manage and enforce network security using policy assignments and automated tasks.
Update the product components and required security content to ensure that managed systems are
secure.
Create reports that display informative, user-configured charts and tables containing your network
security data.
Management strategies vary according to the number and location of managed systems and the way
they are used.
Enterprise networks for industry and government typically employ a team of IT administrators to
monitor and regulate security full time.
Smaller businesses might ask an employee to dedicate an hour or two a week to monitoring
security, subscribe to management software hosted on a server "in the cloud," or let individual
users manage security on their own systems.
Self-managed systems
On systems not managed with a security management platform, Endpoint Security:
Is configured and managed from the client console on the local system.
Managed systems
McAfee ePO and McAfee ePO Cloud enable access to additional management features, which include a
management server and administrative console.
Self-management
Install and manage the product directly on a local system that is not connected to a network or
managed from a centralized security management platform.
In this case, users run the installation wizard directly on the local system. After installation is
complete, they can manage the security settings and product features directly from the client console.
For example, they can schedule scans, view reports, and check for updates as needed.
Managed systems follow the classic client-server model, in which they call into the management
(McAfee ePO) server for instructions. (To facilitate this call, a McAfee Agent is deployed to each system
in the network. Once an agent is deployed to a system, the system can be managed by McAfee ePO,
and client software for managed products can communicate with the server.)
The following figure shows how Endpoint Security integrates into a secure McAfee ePO environment.
1 The administrator sets up the McAfee ePO server-side components, then deploys the McAfee Agent
to managed systems.
The McAfee ePO database stores all data about the managed systems on the network, including:
System properties
Policy information
Directory structure
All other relevant data that the server needs to keep managed systems up to date
3 The McAfee ePO server connects to the McAfee update server to pull down the latest security
content.
The McAfee ePO update server hosts the latest security content, so the McAfee ePO software can
pull the content at scheduled intervals.
4 Agent-server secure communication (ASSC) occurs at regular intervals between the systems and
the McAfee ePO server. Then:
McAfee ePO sends any available new policy assignments or product updates for the client
software to the managed systems. This communication occurs shortly after the client software is
installed and at regular intervals thereafter.
The client software sends the security information it has logged to the server.
5 The administrator logs on to the McAfee ePO console to perform security management tasks, such
as running queries to report on security status or working with managed software security policies.
Managed systems follow the classic client-server model, in which they call into the management
(McAfee ePO Cloud) server for instructions. (To facilitate this call, a McAfee Agent is deployed to each
system in the network. Once an agent is deployed to a system, the system can be managed by
McAfee ePO Cloud, and client software for managed products can communicate with McAfee ePO
Cloud.)
The following figure shows how Endpoint Security integrates into a secure McAfee ePO Cloud
environment.
1 McAfee sets up the server-side components "in the cloud," including the McAfee ePO Cloud server
and database, then sends the URL and logon information to the administrator.
2 The McAfee ePO Cloud server connects to the McAfee update server to pull down the latest security
content.
The McAfee update server hosts the latest security content, so the McAfee ePO Cloud software can
pull the content at scheduled intervals.
3 The administrator uses a browser to log on to McAfee ePO Cloud, creates an installation URL, and
sends it to users along with instructions for installing the client software on their systems.
Endpoint Security Client is the client software for Windows systems. Endpoint Security server-side
components can also manage supported client software installed on Mac and Linux systems.
The URL installs the McAfee Agent (if it is not already installed) and Endpoint Security Client. The
system communicates back to McAfee ePO Cloud and is then managed and protected by McAfee
ePO Cloud.
4 Agent-server secure communication (ASSC) occurs at regular intervals between the systems and
the McAfee server. Then:
McAfee ePO Cloud sends any available new policy assignments or product updates for the client
software to the managed systems. This occurs shortly after the client software is installed and
at regular intervals thereafter.
The client software sends the security information it has logged to the server.
5 The administrator uses a browser to log on to McAfee ePO Cloud and perform security management
tasks, such as running queries to report on security status or configuring managed software
security policies.
1 Check the information in Chapter 2 to ensure that your systems and environment meet the
requirements to install and run the product.
Chapter 2 also describes requirements for migrating legacy products.
4 (Optional) For information about installing Endpoint Security Adaptive Threat Protection, see
Appendix A, Adaptive Threat Protection installation.
Your managed systems must have specific hardware and software to run McAfee Endpoint Security.
Review these requirements and recommendations before installing your Endpoint Security software to
make sure that your installation is successful.
Contents
System requirements for Endpoint Security
Other virus-detection and firewall software
Preparing to install or upgrade
Preconfiguring the product
Upgrading an existing version of the product
Are you ready to install?
Safari, versions (7.1.x, 8.0.x, and 9.0.x) Endpoint Security for Mac
The installation wizard works with the default security level for Internet Explorer. For other browsers,
select a security level that enables Javascript. See the web browser's documentation for instructions
on configuring the security level if you must change it.
Web Control
Mozilla Firefox ESR (Extended Support Release) current version and previous version
As Google and Mozilla release new versions frequently, Web Control might not work with a new update.
A Web Control patch is released as soon as possible to support the changes from Google or Mozilla.
For the latest information about browsers that Web Control supports, see KB82761.
On self-managed systems, all browsers supported and unsupported are allowed by default.
Management Requirements
platform
McAfee ePO An administrator has:
Installed McAfee ePO 5.1.1 or later. (McAfee ePO 5.3.1 or later is
recommended.)
Deployed McAfee Agent 5.0.2.333 or later to managed systems. (McAfee
Agent 5.0.4 is recommended.)
See the McAfee ePolicy Orchestrator Installation Guide for instructions.
McAfee ePO Cloud McAfee or another service provider has set up your account, installed
server-side components, and sent you logon credentials for McAfee ePO
Cloud.
An administrator has deployed McAfee Agent 5.0.2.333 or later to managed
systems. (McAfee Agent 5.0.4 is recommended.)
For the latest Endpoint Security management license and entitlement
information, see KB87057.
See the McAfee ePolicy Orchestrator Cloud Installation Guide for instructions.
None You have installed McAfee Agent 4.0 or later on your system.
(self-managed)
Endpoint Security requires McAfee Agent 5.0.2.333 or later (version 5.0.4 is
recommended). Endpoint Security automatically upgrades version 4.0 and later
of the agent to a supported version during product upgrades. You can also
upgrade the agent manually.
See also
Upgrade the McAfee Agent on McAfee ePO-managed systems on page 27
Upgrade the McAfee Agent on self-managed systems on page 38
System requirements for Adaptive Threat Protection on page 55
Users might be prompted to reboot their systems after uninstalling firewall software.
If McAfee Host Intrusion Prevention is installed The Endpoint Security Firewall replaces the
Host Intrusion Prevention Firewall, and you can also migrate your Host Intrusion Prevention
Firewall settings to the new Endpoint Security Firewall. Host Intrusion Prevention (without its
firewall module) can run side by side with the Endpoint Security Firewall.
You are not required to upgrade to Endpoint Security Firewall or migrate your settings. You can
continue to run the McAfee Host IPS Firewall after installing Endpoint Security Firewall. Whenever
McAfee Host IPS Firewall is installed and enabled, Endpoint Security Firewall is disabled even if
enabled in the policy settings.
If McAfee Deep Defender is installed You must remove this conflicting product manually or
(McAfee GTI) to be categorized. This tool helps to ensure that McAfee GTI does not provide an
incorrect reputation value for your files. For more information, see the McAfee GetClean Product
Guide.
Review and revise settings for products you plan to upgrade Review policy settings, client
tasks, and assignments, consolidating them where possible. Remove duplicates and unused
objects.
For self-managed systems Export policy settings to a file, then import them during a
command-line installation.
1 Customize policies with the settings required for your system.
For McAfee ePO systems Create a custom product package with Endpoint Security Package
Designer, then deploy it using McAfee ePO or third-party software.
1 Customize policies with the settings required for your environment.
2 Create a custom product package that includes the preconfigured policies. The Endpoint
Security Package Designer steps you through this process.
3 Check in components from the custom product package to a location accessible by your
deployment software. For McAfee ePO, this is the Master Repository.
4 Deploy the policy settings to managed systems. Use McAfee ePO or a third-party deployment
tool.
See the Endpoint Security Help for information about the features you can configure.
Best practices
McAfee preconfigures features with default settings that protect systems in medium-risk
environments. These settings ensure that systems can access important websites and applications
until there is time to customize the settings.
How often and what time of day managed systems check for updates.
Endpoint Security Package Designer is a standalone tool (not included with Endpoint Security) that you
can download. Use this tool to create a custom package using existing Endpoint Security settings or
customized settings on a client system. You can then deploy the custom package files in one of
these ways:
As a standalone installer
For information about installing and using Package Designer, see KB86438.
Task
For details about product features, usage, and best practices, click ? or Help.
2 On the Select Folders screen, select the source package file and destination folder for the custom
package.
a Browse to the package you want to create.
c (Optional) Specify a custom name for the package. The .zip file extension is appended to the file
name automatically.
d Click Next.
3 On the Modify Package screen, click Edit Settings and make changes to the settings if needed, then click
Next.
4 On the Create Package screen, review and verify your selections and the content of the custom
package, then click Create.
A progress bar displays the status of your request.
Best practice: Test custom packages before deploying them to your McAfee ePO environment.
You can also use a third-party network deployment tool to deploy custom package files. See its
product documentation for more information.
If you migrate settings from legacy products to Endpoint Security, policies included in a custom package
take precedence over legacy policies. In these cases, the custom policy settings are applied instead of
the legacy settings.
Task
For details about product features, usage, and best practices, click ? or Help.
1 Navigate to the folder where you created the custom package, then extract the files.
From the Package Designer, click Open Package Location in the Package Completed screen, or navigate to
the location manually.
3 On the Package tab of the Check In Package screen, select the package to check in.
a For Package type, select Product or Update (.ZIP).
b For File path, click Choose File, navigate to the custom package, then click Open.
c Click Next.
4 On the Package Options tab, verify the package information and select the branch where you want to
install the package, then click Save.
5 Repeat steps 24 for each .zip file you extracted from the custom package.
6 To install the files you have checked in on managed systems, create a client deployment task.
This utility exports all policy settings for your selected product modules to a location that you specify.
For example, preconfigure port exclusions to ensure that vital communications are not blocked when
Firewall is installed, or preconfigure settings required for compliance with security regulations.
Task
For option definitions, run ESConfigTool with no options: ESConfigTool.exe
1 Create a policy and configure the required settings, then save it.
2 Using the ESConfigTool command line, export the policy to create <file_name>.
ESConfigTool.exe /export <file_name> [/module <TP|FW|WC|ESP> ]
Save this file to a folder that is not protected by McAfee. The folder containing ESConfigTool is
protected, so the export location should be a different, writable location.
Example:
3 Using the SetupEP utility, install Endpoint Security and import <file_name>.
<file_name> is the exported policy settings file created in the previous step.
Example:
See also
SetupEP command-line options (self-managed) on page 47
ESConfigTool command-line options on page 50
You can use the McAfee Agent to manage versions 10.010.5 of Endpoint Security.
You can continue to run Endpoint Security Threat Intelligence 10.2 after upgrading to Threat
Prevention 10.5.
Adaptive Threat Protection requires version 10.5 of both Threat Prevention and Endpoint Security
Platform.
Updating to Adaptive Threat Protection is not a requirement. You can continue to run Endpoint
Security Threat Intelligence version 10.2 after upgrading to Threat Prevention version 10.5.
Best practice: To use all the newest features, install the 10.5 version of Adaptive Threat Protection
with the 10.5 version of Endpoint Security.
McAfee Host Intrusion Prevention Host IPS Catalog Renamed Firewall Catalog in Endpoint
Firewall 8.0 Security.
Firewall and General policies
Client tasks
Best practice: Before migrating, review your legacy settings to make sure that they are up to date,
then consolidate, remove duplicates, and remove unused settings, policies, and client tasks.
On self-managed systems The installation wizard allows you to preserve your legacy settings
when you upgrade to Endpoint Security.
In McAfee ePO environments Use the Endpoint Migration Assistant to create Endpoint
Security policies based on your current legacy product settings. You can let the Migration Assistant
migrate all your settings automatically, or you can select which policies to migrate, then configure
new settings manually. The Migration Assistant also migrates client tasks and other settings. For
more information, see the McAfee Endpoint Security Migration Guide and Help.
Managed systems only Required agent is installed and communicating with the management
server.
(Upgrade) Supported version of software is installed.
Migrate your custom settings for legacy products in McAfee ePO environments Check
requirements in the McAfee Endpoint Security Migration Guide.
Install Adaptive Threat Protection See Appendix A, Adaptive Threat Protection installation,
for information about installing and setting up the components. Adaptive Threat Protection is an
optional Endpoint Security module.
Install compatible client software on Mac and Linux systems See the product
documentation for Endpoint Security for Mac and Endpoint Security for Linux.
Use this information to install the product on Windows systems managed with McAfee ePO and McAfee
ePO Cloud.
Contents
Installation overview
Upgrade the McAfee Agent on McAfee ePO-managed systems
Install the product files on the management server
Download Endpoint Security content files
Deploy to multiple systems with deployment tasks
Install on local systems with an installation URL
Verify the installation
Uninstall from systems managed with McAfee ePO or McAfee ePO Cloud
Installation overview
In McAfee ePO and McAfee ePO Cloud environments, administrators can deploy the product software
remotely to managed systems or ask users to install it locally. For McAfee ePO, they must also install
product software on the management server.
McAfee ePO Administrators install product components on the management server, then they
typically configure feature settings and deploy the client software to multiple managed systems
using deployment tasks.
McAfee ePO Cloud McAfee or another service provider sets up each McAfee ePO Cloud account
on an offsite management server and notifies the local administrator when products are ready to
install on managed systems. Local administrators then typically create and send an installation URL
to users for installation on local systems.
In McAfee ePO Cloud environments, you must have administrative logon credentials for a McAfee
ePO Cloud account before installing the product. McAfee or your service provider sends these to you
in an email. If you have not previously activated and configured an account, see the McAfee ePO
Cloud product guide for instructions.
For the latest Endpoint Security management license and entitlement information, see KB87057.
Endpoint Security supports both URL installation and deployment tasks in either environment. As an
administrator, you can choose the method that best suits your needs.
If you are installing Adaptive Threat Protection, see Appendix A, Adaptive Threat Protection installation,
for additional steps. Adaptive Threat Protection is an optional Endpoint Security module.
See also
Create custom packages with Endpoint Security Package Designer on page 19
Preconfiguring the product on page 18
On Windows systems, communication is blocked between McAfee ePO and the agent when running
McAfee Host IPS 8.0 (Patch 4 or earlier) and McAfee Agent version 5.0 (or later). See KB82869 for
instructions to resolve this issue.
Task
For details about product features, usage, and best practices, click ? or Help.
3 Select Menu | Extensions, click Install Extension, and select the EPOAGENTMETA.zip file.
4 Select Menu | Master Repository, click Check In Package, and select the MA-WIN 5.0.2 .zip file or the latest
recommended version (5.0.4).
When you check in the new McAfee Agent, which overwrites the previous version, any
deployment URL created with the previous version no longer works. You must create and
distribute a new URL with the new McAfee Agent.
1 Select Menu | System Tree, then select the subgroup that contains the systems to deploy to.
3 Enter the URL name, verify the agent version, then click OK.
For more information about deployment, see the McAfee ePO Help.
This task installs two types of product components on the management server:
Product management extensions Add Endpoint Security management features (such as queries,
client tasks, and online Help) to the McAfee ePO server that enable you to manage the product
from the console.
Product deployment packages Add product software files to the Master Repository. You can then
deploy them to managed systems.
Task
For details about product features, usage, and best practices, click ? or Help.
1 On the security management console, select Menu | Dashboards, then select Guided Configuration from
the drop-down list.
b In the Software table, select the product you want to check in. The product description and all
available components are displayed in the table below.
c Click Check In All to check in product extensions to your McAfee ePO server, and product packages
to your Master Repository.
When installation is complete, the extensions are listed on the Extensions page and the packages
are listed in the Master Repository.
Task
For details about product features, usage, and best practices, click ? or Help.
1 In McAfee ePO, select Menu | Automation | Server Tasks to open the Server Task Catalog.
4 For the Repository Pull action, ensure that the following are set:
Source site: McAfeeHttp
The Master Repository now includes the AMCore Content Package and the Endpoint Security Exploit Prevention
Content package required by Endpoint Security. See the Endpoint Security Common Help for more
information about content files.
In a McAfee ePO environment, you must have installed the product's server-side
components on the McAfee ePO server.
In a McAfee ePO Cloud environment, you must have administrative logon credentials for
a McAfee ePO Cloud account. McAfee or your service provider sends these in an email.
Task
You can use two types of automated tasks to deploy product software to multiple managed systems:
product deployment tasks and client tasks. Product deployment tasks are simpler to set up, and this
guide explains the process. See the McAfee ePO or McAfee ePO Cloud product guide for more
information about configuring and running product deployment tasks and client tasks.
3 On the New Deployment page, configure these settings, then click Save at the top of the page.
Option Description
Name and Type a name and description for this deployment.
Description
This name appears on the Deployment page after the deployment is saved.
Select the Click Select Systems to open the System Selection dialog box and select the systems
systems where you want to deploy the client software.
If needed, configure the following:
Run at every policy enforcement (Windows only)
Allow end users to postpone this deployment (Windows only)
Maximum number of postponements allowed
Option to postpone expires after
Display this text
Select a start time Select a start time or schedule for your deployment:
Run Immediately Starts the deployment task the next time the systems check for
updates from the management server.
Once Opens the scheduler so you can configure the start date, time, and
randomization.
The Product Deployment page opens with your new project added to the list of deployments. Also, a
client task is automatically created with the deployment settings.
See also
SetupEP command-line options (McAfee ePO and McAfee ePO Cloud deployment tasks) on
page 46
Use this URL to install the client software locally on their own system.
Send this URL to users with instructions for installing the client software on their local systems.
Tasks
Install the product with default settings on page 31
Create a default installation URL and use it to install the client software on systems in the
default group.
Install the product with custom settings on page 32
Create a custom installation URL and use it to install the client software on your own local
system or send it to end users to install the client software on their systems.
Install with an installation URL on page 33
Install the product on a local system with an installation URL.
In a McAfee ePO Cloud environment, you must have administrative logon credentials for
a McAfee ePO Cloud account. McAfee or your service provider sends these to you in an
email.
Task
For details about product features, usage, and best practices, click ? or Help.
2 Select Menu | Dashboards, then select Getting Started with ePolicy Orchestrator from the drop-down list.
The product modules installed on managed systems are listed under My Products. The default
installation URL appears underneath.
3 Install the product locally or send the URL to users to install on their systems.
b Send the URL in an email message with any special instructions for installing
on local systems.
In a McAfee ePO Cloud environment, you must have administrative logon credentials for
a McAfee ePO Cloud account. McAfee or your service provider sends these to you in an
email.
Task
For details about product features, usage, and best practices, click ? or Help.
2 Select Menu | Dashboards, then select Getting Started with ePolicy Orchestrator from the drop-down list.
The product modules installed on managed systems are listed under My Products.
b Send the URL in an email message with any special instructions for installing on local systems.
You must have an installation URL that you created or received from your administrator.
Task
For details about product features, usage, and best practices, click ? or Help.
2 Follow the instructions on the screen to install. If the installation does not start automatically, click
Install.
Click Run if prompted to run or save.
A dialog box displays the progress of the installation and indicates when it is complete. If needed, you
can click Cancel to stop the installation.
The installation log, McAfeeSmartInstall_<date>_<time>.log, is saved in <LocalTempDir>
\McAfeeLogs (for example, C:\Windows\Temp\McAfeeLogs).
Task
For details about product features, usage, and best practices, click ? or Help.
1 Wait for client systems to report back to the security management platform (typically after an hour
or two).
2 On the security management console, select Menu | Dashboards, then select Endpoint Security: Installation
Status for a complete listing of the managed systems where the software was installed and their
status.
Best practice: Reinstall the client software as soon as possible. When it is uninstalled, the system is
not protected against threats.
Task
For details about product features, usage, and best practices, click ? or Help.
To uninstall... Do this...
From multiple Run a product deployment task:
systems
remotely 1 On the security management console, select Menu | Policy | Product Deployment.
2 Duplicate the task you used to install the product modules, then specify Remove
as the Action.
3 After the task has completed, verify that the client software was uninstalled
from the selected systems. Click Dashboards, then select Endpoint Security: Installation
Status.
See the McAfee ePO or McAfee ePO Cloud product guide for more information
about using product deployment tasks.
2 In the list of programs, select each product module, then click Uninstall.
McAfee Endpoint Security Adaptive Threat Protection If Adaptive Threat Protection is
installed, you must uninstall it before uninstalling Threat Prevention.
McAfee Endpoint Security Firewall 10.5
McAfee Endpoint Security Threat Prevention 10.5
McAfee Endpoint Security Web Control 10.5
McAfee Endpoint Security Platform 10.5
Endpoint Security Platform (Common module) is uninstalled automatically with
the last product module.
3 If prompted, enter a password for each module.
By default, no password is required.
Use this information to install the product on systems that are not managed by a centralized network
management tool.
Contents
Installation overview for self-managed systems
Upgrade the McAfee Agent on self-managed systems
Install with the installation wizard
Install from the command line
Verify the installation
Uninstall from a self-managed system
2 (Optional) If you are upgrading legacy products and plan to preserve your settings, review and
revise them as needed.
Endpoint Security requires McAfee Agent 5.0.2.333 or later (version 5.0.4 is recommended).
Endpoint Security automatically upgrades version 4.0 and later of the agent to a supported version
during product upgrades. You can also upgrade the agent manually.
7 (Optional) If you upgraded from legacy products and preserved your settings, verify that the
settings were preserved.
Best practice: Restart the system after installing this release of the product.
See also
Upgrading an existing version of the product on page 22
Task
For details about product features, usage, and best practices, click ? or Help.
1 Download the McAfee Agent client package from the download site.
2 Unzip the McAfee Agent package and locate the FramePkg_Upd.exe file.
Task
For details about product features, usage, and best practices, click ? or Help.
1 Obtain your copy of the product software, then launch the installation wizard on the self-managed
system.
CD or DVD Insert the disc into a drive, open the contents, then double-click
setupEP.exe.
If you reboot later, run the installation wizard again at your earliest convenience.
5 If you are upgrading VirusScan Enterprise 8.8, Host Intrusion Protection 8.0, or SiteAdvisor
Enterprise 3.5, select whether to preserve your settings.
6 Click Install.
A dialog box shows the progress of the installation and notifies you when it is complete. You can
cancel the installation at any time, if needed.
See also
Other virus-detection and firewall software on page 17
For silent installation, the wizard displays no feedback. All information is available in logs.
For interactive command-line installation, the wizard displays a progress window and allows you to
cancel the installation, if needed. All information is available in logs.
Task
1 Copy the product files to the self-managed system.
Depending on how you purchased the product, you might need to download product files from a
download site or copy them from a disc.
2 Open a Command Prompt window, navigate to the folder where you copied the files, then type this
command and any applicable parameters, which are not case-sensitive:
setupEP.exe /parameters
Type setupEP.exe /help for a complete list of command-line options for the SetupEP utility.
Best practice: Restart the system after installing this release of the product.
See also
SetupEP command-line options (self-managed) on page 47
Task
For details about product features, usage, and best practices, click ? or Help.
1 Open the Windows Control Panel and verify that the name of each module you selected to install
appears and that version 10.5 is installed.
McAfee Endpoint Security Firewall
2 Open the installation log file and make sure that no errors or failure messages appear.
By default, the installation wizard installs the installation log files in the user Temp folder as %Temp%
\McAfeeLogs (for example, C:\Users\username\AppData\Local\Temp\McAfeeLogs).
3 Open the Endpoint Security Client, then click Update Now to ensure that the system is up to date.
If your system is up to date, the page displays No Updates Available and the date and time of the last
update.
4 (Upgrade only) If you upgraded legacy products with preserved settings, check the client Settings
page for each product module to verify that legacy settings were migrated.
Best practice: Reinstall the client software as soon as possible. When it is uninstalled, the system is
not protected against threats.
Task
1 Open the Windows Control Panel, then go to the Uninstall Programs screen.
2 In the list of programs, select each product module, then click Uninstall.
McAfee Endpoint Security Adaptive Threat Protection If Adaptive Threat Protection is installed, you must
uninstall it before uninstalling Threat Prevention.
Endpoint Security Platform (Common module) is uninstalled automatically with the last product
module.
4 Wait for the wizard to report that it has uninstalled the support components. If you do not see a
notification, check the Event Log to verify that the Endpoint Security Platform was removed
successfully.
5 If no other protection services are installed, select McAfee Agent in the Uninstall Programs screen of the
Windows Control Panel, then click Uninstall.
See also
SetupEP command-line options (self-managed) on page 47
Use this information for basic product maintenance, troubleshooting, and reference.
Contents
Troubleshooting installation problems
Resolving error codes and messages
Using command-line options
Log files
Task
1 Download the EICAR file from this location:
http://www.eicar.org/download/eicar.com
If installed properly, Threat Prevention interrupts the download and displays a threat detection
dialog box.
2 Click OK.
If not installed properly, Threat Prevention does not detect the virus or interrupt the download
process. In this case, use Windows Explorer to delete the EICAR test file from the client computer,
then reinstall the product and test the new installation.
Files
MER tool for McAfee ePO uses McAfee ePO to run the MER tool on client computers.
See How to use the MER tool for McAfee ePO.
Depending on how you launched the installation wizard, it displays a description of the error or an
error code.
Your system is not Error code: 16029, 16030, 16031 To protect your system against
protected. Your The installation wizard was interrupted before threats, contact McAfee support
previous security Endpoint Security was installed. Your as soon as possible.
software was previous software was uninstalled, but no
uninstalled, but the other changes were made to your system.
installer was interrupted
before McAfee Endpoint
Security was installed.
Call McAfee support for
assistance as soon as
possible.
Your system is not fully Error code: 16032 To fully protect your system
protected. The installer One or more Endpoint Security product against threats, call McAfee
could not install modules failed to install. Your previous support as soon as possible.
[product name]. Call software was uninstalled.
McAfee support for
assistance.
Policy import failed. Error code: 16502 Check that you selected the
The installation wizard installed Endpoint proper data to import. Contact
Security successfully, but couldn't import the support if the issue persists.
specified policy.
Policy import failed. Error code: 17001 Check that you selected the
The installation wizard couldn't import the proper data to import. Contact
specified policy. McAfee support if the issue
persists.
Installation failed and Error code: 17002 Check the installation logs on
then rollback failed. The installation wizard couldn't install the system and contact McAfee
Endpoint Security or roll back the changes it support for assistance.
made to the user's system.
For each product module selected in a product deployment task, type supported options in the
corresponding Command line window. (Do not type the command, type only the options.)
Example
Installs the product files to a folder on drive D under Installed Programs and saves the installation
log files to a folder under Installed Programs\Logs.
Option Definition
INSTALLDIR="install_path" Specifies where to install the product files on the computer.
The installation wizard creates an Endpoint folder at the specified
location and installs the product to this folder.
Example:
INSTALLDIR="D:\Installed Programs"
Installs the product modules under D:\Installed Programs
\EndPoint\.
By default, product files are installed in the folder C:\windows
\Temp\McAfeeLogs.
/log"install_log_path" or / Specifies where to save the installation log files for tracking
l"install_log_path" installation events.
/l*v"install_log_path" The installation wizard creates an Endpoint folder at the
specified location and saves the log files to this folder.
Example:
/l"D:\Log Files"
Installs the product log files under D:\Log Files\EndPoint\.
By default, log files are saved in the Windows System TEMP
folder C:\windows\Temp\McAfeeLogs.
*v Specifies verbose (more descriptive) logging entries.
/nocontentupdate Does not update product content files automatically as part of the
installation process.
Content files include the latest AMCore and Exploit Prevention
content files required for Endpoint Security.
See also
Download Endpoint Security content files on page 29
Log files on page 51
Open a Command Prompt window, then run the SetupEP command using the appropriate
command-line options.
Example
Installs the product files to a folder on drive D under My Programs and saves the installation log files
to a folder under My Log Files.
Basic options
All options
Option Definition
ADDLOCAL="fw,tp,wc" Selects the product modules to install:
fw Firewall
tp Threat Prevention
wc Web Control
fw,tp,wc Install all three modules.
Example:
ADDLOCAL="tp,wc"
Installs Threat Prevention and Web Control.
/log"install_log_path" or / Specifies where to save the installation log files for tracking
l"install_log_path" installation events.
/l*v"install_log_path" The installation wizard creates an Endpoint folder at the
specified location and saves the log files to this folder.
Example:
/l"D:\Log Files"
Installs the product log files under D:\Log Files\EndPoint\.
By default, log files are saved in the User TEMP folder C:
\users\username\AppData\Local\Temp\McAfeeLogs.
*v Specifies verbose (more descriptive) logging entries.
Option Definition
/qn or /quiet Specifies how the users can interact with the installation wizard:
/qb! or /passive qn Hide all installation notifications (silent mode). Users
/qb have no interaction.
qb! Show only a progress bar without a Cancel button. Users
cannot cancel the installation while it is in progress (passive
mode).
qb Show only a progress bar with a Cancel button. Users can
cancel the installation while it is in progress, if needed.
/policyname <name> Assigns the specified policy to systems where the product is
installed.
/unlock <password> Sets the password for unlocking the client UI.
See also
Download Endpoint Security content files on page 29
Log files on page 51
Create a custom policy to import on page 21
Open a Command Prompt window, then run the ESConfigTool command using the appropriate
command-line options.
Example
Exports policy settings for Threat Prevention and Firewall to the file C:\ENS\preconfigured.policy.
Basic options
Option Definition
/export Saves policy settings to a file with the specified name and location.
<file_path_and_name>
Example:
/export C:\My Programs\Endpoint\preconfigured.policy
Exports settings to the file preconfigured.policy in the C:\My
Programs\Endpoint folder.
Save this file to a folder that is not protected by McAfee. The folder
containing ESConfigTool is protected, so the export location should
be a different, writable location.
/unlock <password> Sets the password for unlocking the client UI.
/plaintext Specifies descriptive comments in human-readable format.
See also
Create a custom policy to import on page 21
Log files
The installation wizard tracks details about installation, uninstallation, and migration in log files that
you can use to verify results and troubleshoot problems.
Adaptive Threat Protection is an optional Endpoint Security module that analyzes content from your
enterprise and decides what to do based on file reputation, rules, and reputation thresholds.
You must manually install the components for Adaptive Threat Protection separately after Endpoint
Security installation is complete.
Contents
About Adaptive Threat Protection
Install the product in managed environments
Install the product on self-managed systems
Self-managed
Adaptive Threat Protection isn't supported on systems managed by McAfee ePO Cloud.
Adaptive Threat Protection works with Endpoint Security Threat Prevention version 10.5. The Threat
Prevention and Common modules must be installed on the systems where Adaptive Threat Protection
is installed.
McAfee ePO systems If the product packages are checked in but not installed for these modules,
they are installed automatically when you install Adaptive Threat Protection.
Self-managed systems If these modules are not installed, you can't install Adaptive Threat
Protection.
Content files for Adaptive Threat Protection contain rules to dynamically compute the reputation of
files and processes on the managed systems. They are updated every two months as part of the
AMCore content package.
Tasks
Download and check in the components to McAfee ePO on page 57
Check in the required Adaptive Threat Protection components to the McAfee ePO server. If
you plan to install the TIE server, you also need to download and check in the Data
Exchange Layer.
Deploy Adaptive Threat Protection on page 58
Deploy the Adaptive Threat Protection client package to managed systems. If you plan to
install the TIE server, you also need to deploy the DXL Client.
Verify the deployment on page 58
After installing the Adaptive Threat Protection components, verify the deployment to
managed systems. If you plan to install the TIE server, also verify deployment for the Data
Exchange Layer.
Uninstall Adaptive Threat Protection on page 59
Remove the product software from managed systems remotely from the management
console or locally at the managed system.
Optional components
Adaptive Threat Protection can integrate with these optional components:
TIE server A server that stores information about file and certificate reputations, then passes
that information to other systems.
TIE server is optional. For information about the server, see the Threat Intelligence Exchange
Product Guide.
Data Exchange Layer Clients and brokers that enable bidirectional communication between the
Adaptive Threat Protection module on the managed system and the TIE server.
Data Exchange Layer is optional, but it is required for communication with TIE server. See McAfee
Data Exchange Layer Product Guide for details.
These components are installed as McAfee ePO extensions and add several new features and reports.
If TIE server isn't available and the system is connected to the Internet, Adaptive Threat Protection
uses McAfee GTI for reputation decisions.
If TIE server isn't available and the system isn't connected to the Internet, Adaptive Threat
Protection determines the file reputation using information about the local system.
If TIE server is available, Adaptive Threat Protection uses the Data Exchange Layer framework to
share file and threat information instantly across the whole enterprise.
See the Endpoint Security Adaptive Threat Protection Help for more information.
Threat Intelligence Threat Intelligence 1.2 Optional. See the McAfee Threat
Exchange Exchange (TIE) Intelligence Exchange Server Product
server Guide.
McAfee ePO server 5.1.1, 5.3
(on-premise only)
McAfee ePO product McAfee Agent for 5.0.2.333 or later Automatically checked in when you
packages (checked Windows (5.0.4 check in Endpoint Security to McAfee
in to the Master recommended) ePO.
Repository)
Data Exchange 2.0.0 Optional. Required if deploying the
Layer Client TIE server.
package
Endpoint Security 10.5 Automatically checked in when you
Platform check in Endpoint Security to McAfee
ePO.
McAfee ePO product McAfee Agent 5.0.2.333 or later Automatically checked in when you
extensions (installed extension (5.0.4 check in the Endpoint Security
in Extensions) recommended) product to McAfee ePO.
Tasks related to the TIE server are required only when the TIE server is installed.
Check in the Endpoint Security Client product deployment package to the Master Repository.
3 (Required for TIE server only.) Install the Data Exchange Layer product files on McAfee ePO.
Install the Data Exchange Layer extension.
Check in the Data Exchange Layer product deployment package to the Master Repository.
Check in the Adaptive Threat Protection product deployment package to the Master Repository.
6 (Required for TIE server only.) Deploy the Data Exchange Layer package to managed systems.
7 Deploy Endpoint Security (at least Threat Prevention and Endpoint Security Platform) and Adaptive
Threat Protection to managed systems.
You can use a single deployment task for steps 6 and 7.
9 (Required for TIE server only.) Install and configure the Threat Intelligence Exchange (TIE) server.
See the McAfee Threat Intelligence Exchange Product Guide.
See also
Install the product files on the management server on page 28
Deploy to multiple systems with deployment tasks on page 29
Task
For details about product features, usage, and best practices, click ? or Help.
2 (Required only for TIE server) Check in the McAfee Data Exchange Layer package:
a From Management Solutions, select McAfee Data Exchange Layer 2.0.
See also
Install the product files on the management server on page 28
If Endpoint Security Threat Intelligence version 10.2 is installed, it is removed automatically during
this installation process.
See the McAfee ePO Help for details about deploying software.
Task
For details about product features, usage, and best practices, click ? or Help.
1 In McAfee ePO, select Menu | Software | Product Deployment, then click New Deployment.
2 Complete the new deployment information, being sure to deploy the packages in this order:
1 Data Exchange Layer Client Required only if you plan to install the TIE server.
See also
System requirements for Adaptive Threat Protection on page 55
System requirements for Endpoint Security on page 15
Deploy to multiple systems with deployment tasks on page 29
Task
For details about product features, usage, and best practices, click ? or Help.
1 In the System Tree, click the group or system name, then click the Products tab.
McAfee DXL Client Required only if you plan to install the TIE server.
Using Adaptive Threat Protection to detect and respond to threats in your environment
For additional threat intelligence sources and functionality, you can also deploy the Threat Intelligence
Exchange server. See the McAfee Threat Intelligence Exchange Product Guide for information about
installing and configuring the optional server.
Task
For details about product features, usage, and best practices, click ? or Help.
To uninstall... Do this...
From multiple 1 On the security management console, select Menu | Policy | Product Deployment.
systems
remotely 2 Duplicate the deployment task you used to install Adaptive Threat Protection,
then specify Remove as the Action.
If you also selected Threat Prevention and Endpoint Security Platform
(Common) in the original deployment task, they will be uninstalled.
3 Verify that the client software was uninstalled from the selected systems.
Click Dashboards, then select Endpoint Security: Installation Status.
See the McAfee ePO product guide for more information about using product
deployment tasks.
From the local 1 Open the Windows Control Panel, then go to the Uninstall Programs screen.
managed system
2 In the list of programs, select McAfee Endpoint Security Adaptive Threat Protection, then
click Uninstall.
3 If prompted, enter a password.
By default, no password is required.
You must uninstall Adaptive Threat Protection before uninstalling Threat
Prevention.
See also
Uninstall from systems managed with McAfee ePO or McAfee ePO Cloud on page 34
Tasks
Install Adaptive Threat Protection on the system on page 61
Install the product software on a self-managed system after installing version 10.5 of
McAfee Endpoint Security.
Verify the installation on self-managed systems on page 61
After installing Adaptive Threat Protection, verify the installation.
Uninstall Adaptive Threat Protection on self-managed systems on page 62
Remove the product software on a self-managed system from the Windows Control Panel.
If the system is connected to the Internet, Adaptive Threat Protection uses McAfee GTI for
reputation decisions.
If the system isn't connected to the Internet, Adaptive Threat Protection determines the file
reputation using information on the local system.
See the Endpoint Security Adaptive Threat Protection Help for more information.
Endpoint Security Threat 10.5 Can be installed as part of the Endpoint Security
Prevention bundle.
2 Install Endpoint Security components (at least Threat Prevention and Endpoint Security Platform).
If Endpoint Security Threat Intelligence version 10.2 is installed, it is removed automatically during
this installation process.
Task
For details about product features, usage, and best practices, click ? or Help.
1 Download the Adaptive Threat Protection .zip file to the self-managed system.
If you purchase the product online, McAfee or another provider sends instructions and a URL for
downloading the product.
See also
System requirements for Adaptive Threat Protection on self-managed systems on page 60
Task
For details about product features, usage, and best practices, click ? or Help.
1 Open the Windows Control Panel, then go to the Uninstall Programs screen.
2 Check the About box to confirm that Adaptive Threat Protection reports McAfee GTI connectivity.
Without McAfee GTI connectivity, detections might be reduced.
3 Select the appropriate rule group based on your needs. See the Endpoint Security Adaptive Threat
Protection Help for more information.
4 Configure Dynamic Application Containment. Configure exclusions, specify the trigger threshold,
and set rules to block. See the Endpoint Security Adaptive Threat Protection Help for more
information.
Best practice: By default, Dynamic Application Containment rules are set to report only. For
information about Dynamic Application Containment rules, including best practices for when to set a
rule to report or block, see KB87843.
Task
For details about product features, usage, and best practices, click ? or Help.
1 Open the Windows Control Panel, then go to the Uninstall Programs screen.
2 In the list of programs, select McAfee Endpoint Security Adaptive Threat Protection, then click Uninstall.
4 Wait for the wizard to report that it has uninstalled the product. If you do not see a notification,
check the Event Log to verify that the product was removed successfully.
See also
Uninstall from a self-managed system on page 40
A browser requirements 15
best practices
D
Adaptive Threat Protection, observe mode 62
Data Exchange Layer
before installing and upgrading 18
deploying 58
customizing product settings 18
verifying the deployment 58
preparing to migrate legacy policies 22
Data Exchange Layer Client
rebooting after installation 25, 37
and Threat Prevention 54
reinstalling client software 34, 40
installation overview 56
running McAfee GetClean tool 18
testing custom packages 19 Deep Defender, compatibility 17
deployment
updating content files during installation 46, 47
Adaptive Threat Protection 58
version to install, Adaptive Threat Protection 55, 60
Data Exchange Layer client 58
M N
Macintosh support non-Microsoft browsers 15
client software 14
requirements 15 O
management platforms, See security management platforms operating systems, supported
management server, See security management server Adaptive Threat Protection 55, 60
McAfee Agent Endpoint Security 15
Host Intrusion Prevention, compatibility 27
installation requirements, Adaptive Threat Protection 55, 60
P
installation requirements, all platforms 15
upgrading, McAfee ePO Cloud systems 27 policies
upgrading, McAfee ePO systems 27 migrating, best practice 22
upgrading, self-managed systems 38 migrating, overview 8, 22
McAfee ePO Cloud systems migrating, precedence 20
command-line options 46 preconfiguring 1821
creating installation URL 31, 32 preconfiguration of product features
creating product deployment task 29 best practices 18
installation overview 25 creating custom packages 19
installing with command line 29 creating custom policy to import 21
installing with URL 33 installing custom packages 20
license information 25 migration and 20
security management platform overview 13 overview 18
sending installation URL 31, 32 preserved settings, self-managed systems 3739
uninstalling the product 34 product deployment task
upgrading McAfee Agent 27 McAfee ePO Cloud systems 29
verifying installation 34 McAfee ePO systems 29
McAfee ePO systems
Adaptive Threat Protection and 53 R
command-line options 46 Real Protect 60, 62
creating installation URL 31, 32 remove, See uninstallation
creating product deployment task 29 requirements
installation overview 25 Adaptive Threat Protection, McAfee ePO systems 55
installing on security management server 28 Adaptive Threat Protection, self-managed systems 60
installing with command line 29 browser 15
installing with URL 33 Linux systems 15
preconfigured settings 19, 20 Macintosh systems 15
security management platform overview 11 McAfee Agent 15
sending installation URL 31, 32 security management platforms 15
updating content files 29 Windows systems 15
upgrading McAfee Agent 27
verifying installation 34
S
McAfee ePO systems, uninstallation 34
McAfee GTI 18, 54, 60, 62 security level, browser 15
McAfee ServicePortal, accessing 6 security management platforms
MER tool, troubleshooting 43 McAfee ePO Cloud, overview 13
migration McAfee ePO, overview 11
compatible legacy products 22 options 11
custom policies and 20 overview 10
log files 51 requirements 15
self-managed systems, See upgrades self-managed systems
modules Adaptive Threat Protection and 60
about Endpoint Security 7 command-line options 47, 50
installation, command line 39
installation, overview 37
installation, wizard 38