Clean Install
McAfee defines a clean installation as a deployment where there are no elements of McAfee software pre-existing on the endpoint. See “Upgrades” if there is pre-existing software.
Review the Supported Environments documentation to ensure that the environment is compatible before deploying McAfee Endpoint Security:
- Supported platforms, environments, and operating systems for Endpoint Security for Windows
- Supported platforms, environments, and operating systems for Endpoint Security for Linux Threat Prevention
- Supported platforms, environments, and operating systems for Endpoint Security for Mac
Review Reference Configurations, which are deployment scenarios that have undergone extensive testing to ensure proper sequencing and improve ease of execution. Each Reference Configuration document contains a product mix that has been validated to work together properly for a specific type of customer profile. Review the following article to learn more and find the applicable Reference Configuration:
Review the guides below for information about how to install McAfee Endpoint Security and for additional details regarding system requirements.
Note: All McAfee Endpoint Security module features are enabled by default.
- McAfee Endpoint Security for Windows 10.7 - Installation Guide
- McAfee Endpoint Security for Linux 10.6.6 - Installation Guide
- McAfee Endpoint Security for Mac 10.6.5 - Installation Guide
In the event an issue is encountered during installation, see the following documentation:
- How to troubleshoot an Endpoint Security installation failure
- Third-party DLL injectors, code detours, and hooking
- Data collection steps for troubleshooting Endpoint Security issues
Upgrade
McAfee defines an upgrade as a deployment where a version of McAfee Endpoint Security already exists on the endpoint. See “Migration” if legacy McAfee software (McAfee VirusScan Enterprise, McAfee Host Intrusion Prevention, and McAfee SiteAdvisor Enterprise) already exists on the endpoint.
Review the Supported Environments documentation to ensure that the environment is compatible before deploying McAfee Endpoint Security:
- Supported platforms, environments, and operating systems for Endpoint Security for Windows
- Supported platforms, environments, and operating systems for Endpoint Security for Linux Threat Prevention
- Supported platforms, environments, and operating systems for Endpoint Security for Mac
Use the McAfee Endpoint Upgrade Assistant (EUA) to automate the upgrade process. The EUA analyzes the endpoints in your McAfee ePO environment, detects the supported McAfee products that are installed, and determines the minimum security requirements for upgrading to the current product versions. These steps ensure a successful upgrade.
- Introduction to Endpoint Upgrade Assistant
- Endpoint Upgrade Assistant Product Guide
- Endpoint Upgrade Assistant Demonstration
In the event an issue is encountered during upgrades, see the following documentation:
Migrate
McAfee defines migration as a deployment where one or more legacy McAfee products (McAfee VirusScan Enterprise, McAfee Host Intrusion Prevention, and McAfee SiteAdvisor Enterprise) already exist on the endpoint where McAfee Endpoint Security will be deployed.
Review the Supported Environments documentation to ensure that the environment is compatible before deploying McAfee Endpoint Security:
- Supported platforms, environments, and operating systems for Endpoint Security for Windows
- Supported platforms, environments, and operating systems for Endpoint Security for Linux Threat Prevention
- Supported platforms, environments, and operating systems for Endpoint Security for Mac
You can also use the Endpoint Upgrade Assistant (EUA) to migrate from legacy McAfee products. The EUA analyzes the endpoints in your McAfee ePO environment, detects the supported McAfee products that are installed, and determines the minimum security requirements for upgrading to the current product versions. These steps ensure a successful migration.
- Introduction to Endpoint Upgrade Assistant
- Endpoint Upgrade Assistant 2.4.0 Product Guide
- Endpoint Upgrade Assistant Demonstration
- Endpoint Security Upgrade Project Planning Guide
- Endpoint Security 10.7.0 Installation Guide (ePO managed)
The Endpoint Security Trust Model is a new security model that differs from legacy McAfee products. As a result, migrated legacy policies might not align with McAfee Endpoint Security best practices (see “Configuration & Best Practices”). McAfee strongly recommends that migration is used as an opportunity to review current policies and configuration.
Note: All McAfee Endpoint Security module features are enabled by default.
See the following documentation for information about configuration and best practices for policies with McAfee Endpoint Security:
- How to improve performance with Endpoint Security
- Consolidated list of Endpoint Security exclusion articles
- How to use wildcards when creating exclusions in Endpoint Security Threat Prevention
In the event an issue is encountered during migration, see the following documentation:
Configuration & Best Practices
The default settings for McAfee Endpoint Security typically require additional configuration and tuning for most environments.
Note: All McAfee Endpoint Security module features are enabled by default.
To get acquainted with the software, review the documentation below:
Product guides:
- McAfee Endpoint Security for Windows 10.7.x - Product Guide
- McAfee Endpoint Security for Linux 10.7.x - Threat Prevention Product Guide
- McAfee Endpoint Security for Linux 10.7.x - Firewall Product Guide
- McAfee Endpoint Security for Mac 10.6.5 - Threat Prevention Product Guide
- McAfee Endpoint Security for Mac 10.6.5 - Firewall Product Guide
The McAfee Endpoint Security Trust Model is a new security model that differs from legacy McAfee products. As a result, migrated legacy policies might not align with McAfee Endpoint Security best practices. McAfee strongly recommends that adopting McAfee Endpoint Security is used as an opportunity to review current policies and configuration.
- Best practices for on-demand scans in Endpoint Security
- List of and best practices for Endpoint Security Dynamic Application Containment rules
See the following documentation about policy optimization:
- How to improve performance with Endpoint Security
- Consolidated list of Endpoint Security exclusion articles
- How to use wildcards when creating exclusions in Endpoint Security Threat Prevention
- Endpoint Security Web Control browser extensions must be enabled by the end user
- How to verify that Real Protect is installed correctly and that endpoints can communicate with the McAfee cloud for detections
Supplemental Documentation
Latest known issues:
- Endpoint Security for Windows 10.x
- Endpoint Security Adaptive Threat Protection for Windows 10.x
- Endpoint Security for Linux Threat Prevention 10.x
- Endpoint Security for Mac 10.x
- Endpoint Security for Mac Adaptive Threat Protection 10.x
Frequently used troubleshooting articles:
- How to troubleshoot an Endpoint Security installation failure
- How to improve performance with Endpoint Security
- How to troubleshoot high CPU usage by the McAfee real-time anti-malware scanner for Endpoint Security
- Data collection steps for troubleshooting Endpoint Security issues
- How to troubleshoot when Endpoint Security blocks third-party applications
- Third-party DLL injectors, code detours, and hooking
- Endpoint Security Natural Language String event messaging index
Root Certificate Expiration
The McAfee product line uses TLS for secure communication. Two certificates validate McAfee TLS chains: a primary expiring in 2038 and a secondary expiring on May 30, 2020. If either certificate, or both, is present in your environment, TLS will function correctly prior to May 30, 2020. After May 30, 2020, only the primary certificate will be valid. Out of an abundance of caution, McAfee is informing customers of this impending event.
Generally, certificates are auto-updated through operating systems and customers will not be impacted. However, in environments where automatic management of root certificates is disabled and the primary certificate has not been manually deployed, customers will potentially be impacted. KB92937 provides information on how to verify and install the primary certificate.
Failure to have a valid certificate will cause product issues including reduced detection efficacy.
The primary certificate that needs to be validated in a customer's environment is as follows:
Subject : CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
Thumbprint : 2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E
Expiration : 2038-01-18
Subscribe to KB92937 to receive updates.
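One way to check a Windows endpoint for the primary certificate described above, as an added PowerShell example (not taken from KB92937 or from McAfee): it looks in the LocalMachine Trusted Root store for the thumbprint listed on this page and compares the subject and expiration. The function name Test-PrimaryRootCertificate and the extra check of the Disallowed store are assumptions of this example.

```powershell
# Added example, not McAfee's procedure. Expected values are copied from this page.
$ExpectedThumbprint = '2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E'
$ExpectedSubjectCN  = 'CN=USERTrust RSA Certification Authority'
$ExpectedExpiry     = [datetime]'2038-01-18'

# Test-PrimaryRootCertificate is a hypothetical helper name.
function Test-PrimaryRootCertificate {
    param(
        [string]$Thumbprint = $ExpectedThumbprint,
        [string]$RootStore  = 'Cert:\LocalMachine\Root'
    )

    # Match on thumbprint; string -eq is case-insensitive in PowerShell.
    $cert = Get-ChildItem -Path $RootStore |
        Where-Object { $_.Thumbprint -eq $Thumbprint } |
        Select-Object -First 1

    # Added check (assumption of this example): a copy in the Disallowed store
    # makes Windows distrust the certificate even if it is also a trusted root.
    $blocked = Get-ChildItem -Path 'Cert:\LocalMachine\Disallowed' -ErrorAction SilentlyContinue |
        Where-Object { $_.Thumbprint -eq $Thumbprint }

    $subjectOk = $false
    $expiryOk  = $false
    $notAfter  = $null
    if ($cert) {
        # Compare in UTC so the local time zone cannot shift the date.
        $notAfter  = $cert.NotAfter.ToUniversalTime()
        $subjectOk = $cert.Subject -like "$ExpectedSubjectCN,*"
        $expiryOk  = $notAfter.Date -eq $ExpectedExpiry.Date
    }

    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        Present        = [bool]$cert
        SubjectMatches = $subjectOk
        ExpiryMatches  = $expiryOk
        NotAfterUtc    = $notAfter
        Disallowed     = [bool]$blocked
        # Healthy only if present, matching the page's details, and not blocked.
        Healthy        = ([bool]$cert -and $subjectOk -and $expiryOk -and -not $blocked)
    }
}

Test-PrimaryRootCertificate | Format-List
```

Reading the LocalMachine store does not require elevation, so the function can be run from a standard user session on the endpoint.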