Change Control and Application Control 6.2.0 Installation Guide for use with ePO 4.6… ·...

Installation Guide

McAfee Change Control and McAfeeApplication Control 6.2.0For use with McAfee ePolicy Orchestrator

COPYRIGHT

Copyright © 2015 McAfee, Inc., 2821 Mission College Boulevard, Santa Clara, CA 95054, 1.888.847.8766, www.intelsecurity.com

TRADEMARK ATTRIBUTIONSIntel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee and the McAfee logo, McAfee ActiveProtection, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, McAfee Evader, Foundscore, Foundstone, Global Threat Intelligence,McAfee LiveSafe, Policy Lab, McAfee QuickClean, Safe Eyes, McAfee SECURE, McAfee Shredder, SiteAdvisor, McAfee Stinger, McAfee TechMaster, McAfeeTotal Protection, TrustedSource, VirusScan are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries.Other marks and brands may be claimed as the property of others.

LICENSE INFORMATION

License AgreementNOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETSFORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOUHAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOURSOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR AFILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SETFORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OFPURCHASE FOR A FULL REFUND.

2 McAfee Change Control and McAfee Application Control 6.2.0 Installation Guide

http://www.intelsecurity.com

Contents

Preface 5About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Find product documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

1 Installing the software 7Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Supported McAfee ePO versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Install the Solidcore extension . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Install manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Install using Software Manager . . . . . . . . . . . . . . . . . . . . . . . . . 9

Specify licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Install the Solidcore client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Add the package to the repository . . . . . . . . . . . . . . . . . . . . . . . . 10Install the Solidcore client on the endpoints . . . . . . . . . . . . . . . . . . . . 11Verify the Solidcore client installation . . . . . . . . . . . . . . . . . . . . . . . 12Enable the Solidcore client . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

2 Upgrading the software 17Upgrade the Solidcore extension . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Upgrade manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Upgrade using Software Manager . . . . . . . . . . . . . . . . . . . . . . . . 18

Verify the Solidcore extension upgrade . . . . . . . . . . . . . . . . . . . . . . . . . 18Upgrade the Solidcore client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Add the Solidcore client package to the repository . . . . . . . . . . . . . . . . . 20Upgrade the Solidcore client on the endpoints . . . . . . . . . . . . . . . . . . . 21Verify the Solidcore client upgrade . . . . . . . . . . . . . . . . . . . . . . . . 23Place the endpoints in Enabled mode . . . . . . . . . . . . . . . . . . . . . . 24

3 Uninstalling the software 25Remove the Solidcore client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Remove the Solidcore extension . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Remove the Solidcore client package . . . . . . . . . . . . . . . . . . . . . . . . . . 27

A Create builds for unsupported Linux kernels 29

B Frequently asked questions 37

Index 41

McAfee Change Control and McAfee Application Control 6.2.0 Installation Guide 3

Contents


Preface

This guide provides the information you need to work with your McAfee product.

Contents About this guide Find product documentation

About this guideThis information describes the guide's target audience, the typographical conventions and icons usedin this guide, and how the guide is organized.

AudienceMcAfee documentation is carefully researched and written for the target audience.

The information in this guide is intended primarily for:

• Administrators — People who implement and enforce the company's security program.

• Users — People who use the computer where the software is running and can access some or all ofits features.

ConventionsThis guide uses these typographical conventions and icons.

Book title, term,emphasis

Title of a book, chapter, or topic; a new term; emphasis.

Bold Text that is strongly emphasized.

User input, code,message

Commands and other text that the user types; a code sample; a displayedmessage.

Interface text Words from the product interface like options, menus, buttons, and dialogboxes.

Hypertext blue A link to a topic or to an external website.

Note: Additional information, like an alternate method of accessing anoption.

Tip: Suggestions and recommendations.

Important/Caution: Valuable advice to protect your computer system,software installation, network, business, or data.

Warning: Critical advice to prevent bodily harm when using a hardwareproduct.


Find product documentationAfter a product is released, information about the product is entered into the McAfee online KnowledgeCenter.

Task1 Go to the Knowledge Center tab of the McAfee ServicePortal at http://support.mcafee.com.

2 In the Knowledge Base pane, click a content source:

• Product Documentation to find user documentation

• Technical Articles to find KnowledgeBase articles

3 Select Do not clear my filters.

4 Enter a product, select a version, then click Search to display a list of documents.

PrefaceFind product documentation


http://support.mcafee.com

1 Installing the software

Install Change Control or Application Control in the McAfee®

ePolicy Orchestrator®

(McAfee ePO™

)environment.

Contents Prerequisites Supported McAfee ePO versions Install the Solidcore extension Specify licenses Install the Solidcore client

PrerequisitesBefore installing Change Control or Application Control, make sure that your environment conforms tothese requirements.

• Verify that the McAfee ePO server and database are installed and configured. McAfee ePO is amanagement tool that installs software and deploys policies on the managed endpoints. It alsoallows you to monitor client activity, create reports, and store and distribute content and softwareupdates. For instructions, see McAfee ePolicy Orchestrator Installation Guide and McAfee ePolicyOrchestrator Product Guide.

• Make sure that the McAfee Agent is installed on each endpoint where you want to install ChangeControl or Application Control. McAfee Agent acts as the intermediary between the Solidcore clientand McAfee ePO server. It sends data to the client from the McAfee ePO server and the oppositeway.

• Download the Solidcore extension package from the McAfee Downloads site. The Solidcoreextension file is typically named Solidcore_epo_extn_<ver>.<build>.zip.

• Download the Solidcore client package from the McAfee Downloads site. Here are the availableSolidcore client packages.

Operating system Package name

Microsoft Windows SOLIDCOR<version>-<build>_WIN.zip

Linux SOLIDCOR<version>-<build>_LNX.zip

AIX SOLIDCOR<version>-<build>_AIX.zip

In the file name, <version> and <build> represent the version and build number associated with theproduct. For example, the SOLIDCOR614-211_WIN.zip file includes the Solidcore client (version6.1.4 and build number 211) for the Windows platform.

• Make sure that the target platforms where you want to install the Solidcore client are supported.See KB76459 (for Change Control) and KB73341 (for Application Control).

1


https://kc.mcafee.com/corporate/index?page=content&id=KB76459


• Review KB82066 for information about the supported kernels for the Linux operating system. If thetarget kernel is not mentioned in this article, there are two ways to get support:

• Compile the kernel module in your test environment and deploy immediately to productionendpoints using McAfee ePO (EEDK) or manually. For more information, see Create builds forunsupported Linux kernels.

• Request for kernel support through the McAfee Accept portal by filing a Product EnhancementRequest (PER). For information about how to submit a PER, see KB60021.

• Determine the database sizing requirements for your setup (see KB83755 for Change Control andKB83754 for Application Control).

• Review the minimum system requirements for Change Control and Application Control (seeKB84098).

• Review the release notes to acquaint yourself with the known issues and identify dependencies youmust consider.

Supported McAfee ePO versionsThis release of McAfee Application Control and McAfee Change Control is compatible with these McAfeeePO versions.

• McAfee ePO 4.6.0–4.6.9

• McAfee ePO 5.0.1–5.1.3

• McAfee ePO 5.3.0

We don't guarantee that Application Control and Change Control works with other versions of McAfeeePO.

Install the Solidcore extensionThe Solidcore extension integrates with the McAfee ePO console and provides Change Control andApplication Control features. The Solidcore extension installs on versions 4.6, 5.0, and 5.1 of theMcAfee ePO server.

Tasks

• Install manually on page 8Install the Solidcore extension to McAfee ePO manually.

• Install using Software Manager on page 9Install the Solidcore extension to McAfee ePO automatically using Software Manager.

Install manuallyInstall the Solidcore extension to McAfee ePO manually.

TaskFor option definitions, click ? in the interface.

1 Make sure that the extension file is stored at an accessible location.

2 On the McAfee ePO console, select Menu | Software | Extensions to open the Extensions page.

1 Installing the softwareSupported McAfee ePO versions



https://mcafee.acceptondemand.com/





3 Click Install Extension.

4 Browse and select the Solidcore_epo_extn_<ver>.<build>.zip file, then click OK.

5 Verify the information on the Install Extension page, then click OK.

6 Verify that the Solidcore product name appears in the Extensions list.

If the product name is not listed or you encounter errors during installation, review the Orion.logfile in the <install directory>\Server\Logs directory to analyze failure cause.

Install using Software ManagerInstall the Solidcore extension to McAfee ePO automatically using Software Manager.


1 On the McAfee ePO console, select Menu | Software | Software Manager.

2 From the Product Categories list, select Software (By Label) | File & Application Control.

3 Select McAfee Application Control 6.2 or McAfee Change Control 6.2.

4 Click Check in for the ePO Management Extension.

5 On the Check In Software Summary page, select the I accept the terms in the license agreement check box and clickOK.

Specify licensesLicenses determine the product features available to you. You can enable one or all features. Addlicenses to enable the required features.


1 On the McAfee ePO console, select Menu | Configuration | Server Settings to open the Setting Categoriespage.

2 Select Solidcore, then click Edit to open the Edit Solidcore page.

3 Enter the license keys, then click Save.

Evaluation licenses are valid for 30 days and available only for the Windows platform.

Install the Solidcore client The Solidcore client provides change monitoring, change prevention, and whitelisting features on theendpoints where it is installed. You can install and deploy the Solidcore client on Windows, Linux, and

Installing the softwareSpecify licenses 1


AIX platforms. For all supported platforms, the Solidcore client works well on both physical and virtualmachines (VM).

Tasks

• Add the package to the repository on page 10Before you install the Solidcore client, add the Solidcore client package to the McAfee ePOrepository.

• Install the Solidcore client on the endpoints on page 11Install the Solidcore client on endpoints.

• Verify the Solidcore client installation on page 12Verify that the Solidcore client was installed successfully on an endpoint.

• Enable the Solidcore client on page 13Place the Solidcore client in Enabled mode to activate the software.

Add the package to the repositoryBefore you install the Solidcore client, add the Solidcore client package to the McAfee ePO repository.

Tasks

• Add manually on page 10Add the Solidcore client package to the McAfee ePO repository manually.

• Add using Software Manager on page 10Add the Solidcore client package to the McAfee ePO repository automatically using SoftwareManager.

Add manuallyAdd the Solidcore client package to the McAfee ePO repository manually.


1 On the McAfee ePO console, select Menu | Software | Master Repository.

2 From the Packages in the Master Repository page, select Actions | Check In Package.

3 Set the package type to Product or Update (.ZIP).

4 Browse and select the package (.zip) file and click Next to open the Package Options page.

5 Confirm the information.

• Package Info: Verify the package details.

• Branch: Select the desired branch. Set to Current for new products.

• Options: (Optional) Select Move the existing package to the Previous branch to move an existing package tothe previous branch.

• Package signing: Indicates if the package is signed by McAfee or is a third-party package.

6 Click Save to add the package.

The new package appears in Packages in Master Repository list.

Add using Software ManagerAdd the Solidcore client package to the McAfee ePO repository automatically using Software Manager.

1 Installing the softwareInstall the Solidcore client






4 Click Check in for the Install - Windows packages.

5 On the Check In Software Summary page, select the I accept the terms in the license agreement check box and clickOK.

6 Repeat steps 4 and 5 for the Install - Linux package.

Install the Solidcore client on the endpointsInstall the Solidcore client on endpoints.

Before you beginBefore installing on the Linux operating system, review KB82066 for information about thesupported kernels. We add support for new kernels through kernel release cycles.Therefore, we recommend that you review the kernel list before installing. If the targetkernel is not mentioned in KB82066, there are two ways to get support:

• Compile the kernel module in your test environment and deploy immediately toproduction endpoints using McAfee ePO Endpoint Deployment Kit (EEDK) or manually.For more information, see Create builds for unsupported Linux kernels.

• Request for kernel support through the McAfee Accept portal by filing a ProductEnhancement Request (PER). For information about how to submit a PER, see KB60021.


1 On the McAfee ePO console, select Menu | Systems | System Tree.

2 Perform one of these actions:

• To apply the client task to a group, select a group in the System Tree and switch to the AssignedClient Tasks tab.

• To apply the client task to an endpoint, select the endpoint on the Systems page and click Actions |Agent | Modify Tasks on a Single System.

3 Click Actions | New Client Task Assignment to open the Client Task Assignment Builder page.

4 Select the McAfee Agent product and Product Deployment task type, then click Create New Task.

5 Specify the task name and add any descriptive information.

6 Select the target platform.

For example, when installing the Solidcore client package on the Windows operating system, selectWindows as the target platform.

Installing the softwareInstall the Solidcore client 1






7 Specify the component and action.

a Select the appropriate package from the Products and components list.

b Select the Install action.

c Select the language of the package.

d Specify the branch where to add the package.

8 Click Save, then click Next to open the Schedule page.

9 Specify scheduling details, then click Next.

10 Review and verify the task details, then click Save.

11 (Optional) Wake up the agent to send your client task to the endpoint immediately.

On all UNIX platforms, if you are using McAfee Agent 4.5 (earlier than patch 1), restart the McAfeeAgent service after you install, uninstall, or upgrade the Solidcore client.

Verify the Solidcore client installationVerify that the Solidcore client was installed successfully on an endpoint.



2 Select a group or endpoint from the list to view details for the selected node in the Systems tab.

3 Review logs from the McAfee ePO console.

a Select a system on the Systems page.

b Select Actions | Agent | Show Agent Log to view the agent log for the endpoint.

By default, agent logs are not enabled on the McAfee ePO console. For information about how toenable agent logs, see McAfee ePolicy Orchestrator Product Guide.

c Check the log to verify if the software was successfully installed at the endpoint.

4 Review the properties for the system.

a Wake up the agent to fetch properties immediately.

Typically, information is exchanged between the agent and server after the agent-servercommunication interval (ASCI) lapses. Default ASCI value is 60 minutes. Send an agentwake-up call to make sure immediate communication and data exchange between the serverand the agent, without waiting for the ASCI to expire.

b Click a system on the Systems page to view details for the selected endpoint.

c Click the Products tab and review the Solidcore version. Click the row to review additionalinformation, including the product version and installation path.

If the Solidcore information is not listed, check the log files on the endpoint to verify if thesoftware was successfully installed at the endpoint. If the Solidcore client installation fails, thelog files provide information about the cause for failure. For more information about log files,see McAfee Change Control and McAfee Application Control Installation Guide for standaloneconfiguration.



Enable the Solidcore clientPlace the Solidcore client in Enabled mode to activate the software.







4 Select the Solidcore 6.2.0 product and SC: Enable task type, then click Create New Task.

5 On the Client Task Catalog page, specify the task name and add any descriptive information.

6 Select these fields.

a Select the platform.

b Select the subplatform (only for the Windows and Unix platforms).

c Select the version (only for the All except NT/2000 subplatform).

d Indicate whether to enable Change Control, Application Control, or both.

7 Complete these steps to enable Change Control.

Solidcore client version Steps

On Solidcore client version:• 5.1.5 or earlier (Windows)

• 6.0.1 or earlier (UNIX)

Select Reboot endpoint to restart the endpoint.Restarting the system is necessary to enable the software.

On the Windows platforms, a pop-up message is displayed atthe endpoint 5 minutes before the endpoint is restarted. Thisallows the user to save work and data on the endpoint.

On UNIX platforms, the endpoint is restarted as soon as thetask is applied.

On Solidcore client version 6.0.0or later (Windows)

No configuration is needed.

On Solidcore client version 6.1.0or later (UNIX)

Deselect Reboot endpoint.When using Solidcore client version 6.1.0 or later, restarting thesystem is not necessary to enable the software.

8 Complete these steps to enable Application Control.



Solidcore clientversion

Steps

On Solidcore clientversion:• 5.1.2 or earlier

(UNIX)

• 5.1.5 or earlier(Windows)

1 Select Perform Initial Scan to create whitelist to create the whitelist whenenabling Application Control.Application Control requires the creation of a list of all trusted executablefiles present on the endpoint system (known as the whitelist). Theone-time activity of creating the whitelist is known as whitelisting orsolidification. You can choose to create the inventory while enabling theSolidcore client or defer to create it later.

If you defer the scan, run the SC: Initial Scan to create whitelist client task afterthe SC: Enable task is applied and system is restarted.

2 Select Reboot endpoint to restart the endpoint after solidification iscomplete.Restarting the system is necessary to enable the software. A pop-upmessage is displayed at the endpoint 5 minutes before the endpoint isrestarted. This allows the user to save work and data on the endpoint.

On Solidcore clientversion 6.1.0 or later(UNIX)

Deselect Reboot endpoint.When using Solidcore client version 6.1.0 or later, restarting the system isnot necessary to enable the software.

On Solidcore clientversion 6.0.0 or later(Windows)

Solidcoreclient version6.2 is notavailable forthe WindowsNT, Windows2000, Solaris,AIX, andWindRiverLinuxplatforms.

1 Specify the scan priority.The set scan priority determines the priority of the thread that is run tocreate the whitelist on the endpoints. We recommend that you set thescan priority to Low. This makes sure that Application Control causesminimal performance impact on the endpoints but might take longer(than when you set the priority to High) to create the whitelist.

2 Specify the activation option.

• Limited Feature Activation — The endpoints are not restarted and limitedfeatures of Application Control (memory protection features areunavailable) are activated. Memory Protection features are availableonly after the endpoint is restarted.

• Full Feature Activation — The endpoints are restarted, whitelist created,and all features of Application Control including Memory Protection areactive. Restarting the endpoints is necessary to enable the memoryprotection features. The endpoint is restarted 5 minutes after theclient task is received at the endpoint. A pop-up message is displayedon the endpoint before the endpoint is restarted.

3 Select Start Observe Mode to place the endpoints in Observe mode.The Observation mode feature is available only on the Windowsoperating system.

4 (Optional) Select Pull Inventory.If you select this option, the software fetches the inventory details forthe endpoints (after the whitelist is created) and makes the detailsavailable on the McAfee ePO console when the ASCI lapses. Werecommend that you select this option if you want to manage theinventory using the McAfee ePO console.


10 Specify scheduling details, then click Next.

11 Review and verify the task details, then click Save.




13 Verify that the software is enabled.


b Click a system on the Systems page.

The details for the selected system are displayed.

c Select the Products tab and review the Solidcore version. Click the row to review the license status.



2 Upgrading the software

Upgrade Change Control or Application Control to access features available in recent releases.

Contents Upgrade the Solidcore extension Verify the Solidcore extension upgrade Upgrade the Solidcore client

Upgrade the Solidcore extensionUpgrade the Solidcore extension to access the new features in a release.

Tasks• Upgrade manually on page 17

Upgrade the Solidcore extension manually.

• Upgrade using Software Manager on page 18Upgrade the Solidcore extension using Software Manager.

Upgrade manuallyUpgrade the Solidcore extension manually.

Before you beginStop the McAfee ePO Event Parser service and back up the relevant files before youupgrade the Solidcore extension.

1 Select Control Panel | Administrative Tools | Services.

2 Right-click the McAfee ePolicy Orchestrator <version> Event Parser service and click Stop.

3 Back up these items.

• McAfee ePO database

• <McAfee ePO install dir>\Server\extensions\installed\Solidcore directory

• <McAfee ePO install dir>\Server\conf\Catalina\localhost\SOLIDCORE_META.xml file

2



1 Make sure that the extension file is stored at an accessible location.


3 Click Install Extension, then browse and select the Solidcore_epo_extn_<ver>.<build>.zip file.

A warning message states that the existing extension will be replaced.

4 Click OK.

5 Verify the information on the Install Extension page, then click OK.

Upgrade using Software ManagerUpgrade the Solidcore extension using Software Manager.


1 Stop the McAfee ePO Event Parser service and back up the relevant files before you upgrade theSolidcore extension.

a Select Control Panel | Administrative Tools | Services.

b Right-click the McAfee ePolicy Orchestrator <version> Event Parser service and click Stop.

c Back up these items.

• McAfee ePO database

• <McAfee ePO install dir>\Server\extensions\installed\Solidcore directory

• <McAfee ePO install dir>\Server\conf\Catalina\localhost\SOLIDCORE_META.xml file




5 Click Update for the ePO Management Extension.

6 On the Update Software Summary page, click OK.

Verify the Solidcore extension upgradeVerify that the Solidcore extension was upgraded successfully.

2 Upgrading the softwareVerify the Solidcore extension upgrade



1 Verify that the Solidcore product name appears in the Extensions list.

If the product name is not listed or you encounter errors during upgrade, review the Orion.log filein the <install directory>\Server\Logs directory to analyze failure cause.

After you upgrade the Solidcore extension, the domain netbiosName for existing users importeddirectly from an Active Directory to rule groups and policies will not be populated. To make sure thedomain netbiosName is available for such users, delete and reimport users from the ActiveDirectory. After the upgrade, any users that you import from the Active Directory and add to new orexisting rule groups and policies will automatically include the domain netbiosName.

2 Start the McAfee ePO Event Parser service.

a Select Control Panel | Administrative Tools | Services.

b Right-click the McAfee ePolicy Orchestrator <version> Event Parser service and click Start.

3 Verify that migration of data was successful.

a On the McAfee ePO console, select Menu | Automation | Server Task Log.

b Check if the Solidcore: Migration server task was completed.

This server task completes upgrade-related activities.

c If the migration fails, review the server task log, resolve any issues, and run the Solidcore:Migration server task manually to complete the migration.

When you upgrade the Solidcore extension (from the 5.1.5 or earlier version), existing inventoryand image deviation data is not migrated. After you upgrade, you must fetch inventory details, asneeded. Also, during upgrade one of these occurs for dashboards and reports:

• If you did not edit a default dashboard or report, the upgrade operation overwritesthe dashboard or report.

• If you edited a default dashboard or report, the upgrade operation retains the editeddashboard or report and adds the corresponding new dashboard or report with asuffix.

4 (Optional) Run the Rule Group Sanity Check server task from the McAfee ePO console to fix theinconsistencies in the rule groups.

This server task reports and corrects (if possible) discrepancies and inconsistencies in the Solidcorerule groups and policies.

a On the McAfee ePO console, select Menu | Automation | Server Tasks.

b Click Actions | New Task to open the Server Task Builder wizard.

c Type the task name and click Next.

d Select Solidcore: Rule Group Sanity Check from the Actions drop-down list, then click Next.

e Specify the schedule for the task, then click Next to open the Summary page.

f Review the task summary and click Save.

g Review the logs generated by the server task (on the Server Task Log page) to view the warnings,if any.

Upgrading the softwareVerify the Solidcore extension upgrade 2


Upgrade the Solidcore client You can upgrade the Solidcore client on Windows, Linux, and AIX platforms. For all supportedplatforms, the Solidcore client works well on both physical and virtual machines (VM).

Before you beginBefore upgrading on the Linux operating system, review KB82066 for information about thesupported kernels. We add support for new kernels through kernel release cycles.Therefore, we recommend that you review the kernel list before upgrading. If the targetkernel is not mentioned in KB82066, there are two ways to get support:

• Compile the kernel module in your test environment and deploy immediately toproduction endpoints using McAfee ePO Endpoint Deployment Kit (EEDK) or manually.For more information, see Create builds for unsupported Linux kernels.

• Request for kernel support through the McAfee Accept portal by filing a ProductEnhancement Request (PER). For information about how to submit a PER, see KB60021.

For information about the supported operating systems, see KB76459 (for Change Control) andKB73341 (for Application Control).

If you cannot upgrade the Solidcore clients on your critical endpoints, the endpoints work well with theupgraded Solidcore extension. However, the new features available in the 6.2.0 version are not availableon the endpoints until you upgrade the Solidcore client version.

Tasks• Add the Solidcore client package to the repository on page 20

Before you can upgrade, you must add the Solidcore client package to the McAfee ePOrepository.

• Upgrade the Solidcore client on the endpoints on page 21Upgrade the Solidcore client on the endpoints to access new features available in the recentversion.

• Verify the Solidcore client upgrade on page 23Verify that the Solidcore client was upgraded successfully on an endpoint.

• Place the endpoints in Enabled mode on page 24If you did not upgrade in Enabled mode, you must place the endpoints in Enabled modeafter you upgrade the Solidcore client.

Add the Solidcore client package to the repositoryBefore you can upgrade, you must add the Solidcore client package to the McAfee ePO repository.

Tasks• Add package manually on page 20

Add the Solidcore client package to the McAfee ePO repository manually.

• Add package using Software Manager on page 21Add the Solidcore client package to the McAfee ePO repository automatically using SoftwareManager.

Add package manuallyAdd the Solidcore client package to the McAfee ePO repository manually.

2 Upgrading the softwareUpgrade the Solidcore client









1 On the McAfee ePO console, select Menu | Software | Master Repository to open the Packages in the MasterRepository page.

2 Select Actions | Check In Package.

3 Set the package type to Product or Update (.ZIP).

4 Browse and select the package (.zip) file, then click Next to open the Package Options page.

5 Confirm the information.

• Package Info: Verify the package details.

• Branch: Select the desired branch. Set to Current for new products.

• Options: (Optional) Select the Move the existing package to the Previous branch option to move an existingpackage to the previous branch.

• Package signing: Indicates if the package is signed by McAfee or is a third-party package.

6 Click Save to check in the package.

The new package appears in Packages in Master Repository list.

Add package using Software ManagerAdd the Solidcore client package to the McAfee ePO repository automatically using Software Manager.





4 Click Update for the Install - Windows packages.

5 On the Update Software Summary page, click OK.

6 Repeat steps 4 and 5 for the Install - Linux package.

Upgrade the Solidcore client on the endpointsUpgrade the Solidcore client on the endpoints to access new features available in the recent version.You can upgrade the Solidcore client in various modes. Before upgrading, review this information toplace the endpoints in the suitable mode.

Upgrading the softwareUpgrade the Solidcore client 2


Enabled mode In Enabled mode, you can upgrade the Solidcore client on all supported Windowsplatforms except Windows NT and Windows 2000. Upgrade in Enabled mode is notavailable on the UNIX platforms.By default, the McAfee default policy that includes the McAfee publishers rule groupis applied to the endpoints. If you choose to upgrade in Enabled mode and havechanged the default policies, verify that the McAfee publishers rule group is assignedto policies that are applied on the endpoints.

Update mode For the Linux and AIX operating systems, we recommend that you upgrade using theUpdate mode.

Observe mode Observe mode is available on all supported Windows platforms except Windows NTand Windows 2000. Observe mode is not available on the UNIX platforms.

If you are upgrading from the 6.1.1 release, we recommend that you upgrade inEnabled or Update mode. If you choose to upgrade in Observe mode, review KB79517before upgrading.

Disabled mode If your endpoint is currently in Disabled mode, you can upgrade in the Disabledmode.

If you are upgrading a Linux system in Disabled mode from 6.1.0 to a later release,restart the endpoint before upgrading.

For information about how to place the endpoints in Update, Disabled, or Observe mode, see McAfeeChange Control and McAfee Application Control Product Guide.







4 Select the McAfee Agent product, Product Deployment task type, then click Create New Task to open the ClientTask Catalog page.



For example, when installing the Solidcore client package on the Windows operating system, selectWindows as the target platform.



b Select the Install action.


d Set branch to Current for new packages.





9 Specify scheduling details and click Next.

10 Review and verify the task details and click Save.


On all UNIX platforms, if you are using McAfee Agent 4.5 (earlier than patch 1), restart the McAfeeAgent service after you install, uninstall, or upgrade the Solidcore agent.

12 Restart the endpoints.

Verify the Solidcore client upgradeVerify that the Solidcore client was upgraded successfully on an endpoint.



2 Select a group or endpoint from the list to view details for the selected node in the Systems tab.

3 Review logs from the McAfee ePO console.

a Select an endpoint on the Systems page.

b Select Actions | Agent | Show Agent Log to view the agent log for the endpoint.

By default, agent logs are not enabled on the McAfee ePO console. For information about how toenable agent logs, see McAfee ePolicy Orchestrator Product Guide.

c Check the log to verify if the software was successfully upgraded at the endpoint.

4 Review the properties for the endpoint.


Typically, information is exchanged between the agent and server after the agent-servercommunication interval (ASCI) lapses. The default ASCI value is 60 minutes. Send an agentwake-up call to ensure immediate communication and data exchange between the server andthe agent, without waiting for the ASCI to expire.

b Click an endpoint on the Systems page to view details for the selected endpoint.

c Select the Products tab and review the Solidcore version. Click the row to review additionalinformation, including the product version and installation path.

If the Solidcore information is not listed or is incorrect, check the log files on the endpoint toverify if the software was successfully upgraded at the endpoint. If the Solidcore client upgradefails, the log files provide information about the cause for failure. For more information aboutlog files, see McAfee Change Control and McAfee Application Control Installation Guide forstandalone configuration.

Upgrading the softwareUpgrade the Solidcore client 2


Place the endpoints in Enabled mode If you did not upgrade in Enabled mode, you must place the endpoints in Enabled mode after youupgrade the Solidcore client.

• If you upgraded in Update mode, exit Update mode to place the endpoints back in Enabled mode.

• If you upgraded in Disabled mode, enable the Solidcore client.

• If you upgraded in Observe mode, exit Observe mode and place the endpoints in Enabled mode.

For information about how to exit Update, Disabled, or Observe mode, see McAfee Change Control andMcAfee Application Control Product Guide.



3 Uninstalling the software

If you are no longer using the software, uninstall Change Control or Application Control.

Contents Remove the Solidcore client Remove the Solidcore extension Remove the Solidcore client package

Remove the Solidcore clientTo discontinue use of the software, remove the Solidcore client from the endpoints.


1 Place the endpoints in Disabled mode.

For detailed information, see McAfee Change Control and McAfee Application Control Product Guide.

2 Restart the endpoints.






6 Select the McAfee Agent product, Product Deployment task type, and click Create New Task to open the ClientTask Catalog page.





b Select Remove.


d Set branch to Current for new packages.

3



11 Specify scheduling details and click Next.

12 Review and verify the task details and click Save.


14 Verify the Solidcore client removal.


Typically, information is exchanged between the agent and server after the agent-servercommunication interval (ASCI) lapses. Default ASCI value is 60 minutes. Send an agentwake‑up call to make sure immediate communication and data exchange between the serverand the agent, without waiting for the ASCI to expire.

b Click an endpoint on the Systems page to view details for the selected endpoint.

c Click the Products tab and make sure that Solidcore is not listed.

Remove the Solidcore extensionTo discontinue use of the software, remove the Solidcore extension from the McAfee ePO server.



2 Select Solidcore from the Extensions list.

3 Click Remove.

4 Verify that the Solidcore product name no longer appears in the Extensions list.

If the product name is not removed or you encounter errors during uninstall, review the Orion.logfile in the <install directory>\Server\Logs directory to analyze failure cause.

5 (Optional) If you are using McAfee ePO 4.6, perform these steps to remove all default anduser-defined dashboards and reports.

• Remove all Solidcore dashboards.

1 On the McAfee ePO console, select Menu | Reporting | Dashboards to open the Dashboards page.

2 Review the items in the Dashboard list.

3 Delete these dashboards.

• Solidcore: Application Control • Solidcore: Inventory

• Solidcore: Change Control • Solidcore: Health Monitoring

• Solidcore: Integrity Monitor

3 Uninstalling the softwareRemove the Solidcore extension


• Remove the Solidcore queries.

1 On the McAfee ePO console, select Menu | Reporting | Queries & Reports.

2 Expand the Shared Groups category and delete these folders.

• Application Control

• Change Control

When you remove queries, the Application Control and Change Control folders are deletedincluding all queries contained in the folders. If you want to save a query, save the specific queryin a different folder.

Remove the Solidcore client packageAfter you uninstall the software, remove the Solidcore client package from the McAfee ePO server.


1 On the McAfee ePO console, select Menu | Software | Master Repository to open the Packages in MasterRepository page.

2 Select Delete for a package.

Uninstalling the softwareRemove the Solidcore client package 3


3 Uninstalling the softwareRemove the Solidcore client package


A Create builds for unsupported Linuxkernels

Here is information about how to create builds for unsupported Linux kernels.

In the 6.1.4 release, we have added support for numerous kernels. This allows you to directly installthe software on kernels listed in KB82066. If you want to install on a kernel that is not listed inKB82066, you can perform one of these tasks:

• Create a build file for the target kernel (on a testbed) and deploy the build to other productionendpoints using McAfee ePO Endpoint Deployment Kit (EEDK) or manually.

• Request for kernel support through the McAfee Accept portal by filing a Product EnhancementRequest (PER). The Product Management team will accommodate the kernel in upcoming kernelrelease cycles. For information about how to submit a PER, see KB60021.

What are the possible deployment scenarios?

The installation workflow on the Linux operating system varies based on whether the target kernel issupported. Review KB82066 to verify whether support is available for the target kernel.







How do I install when the target kernel is supported?

Query Response

Has anything changed for me since the previousrelease?

No. If the target kernel is supported, directinstallation occurs on the kernel.

Do I need to take care of any prerequisites? None.

How do I install? Perform the steps listed in Install the Solidcoreclient on the endpoints.

How do I install on an unsupported target kernel?

Starting with the 6.1.0 release, we have included capability to create kernel modules for targetkernels. You can automatically create build on a testbed and deploy the kernel module to productionendpoints running the same kernel using EEDK or manually.

A Create builds for unsupported Linux kernels


Component Prerequisites How do I install?

Testbed Make sure that these tools are installed on thetestbed. Any non-conformance to the listedbuild environment results in build andinstallation failures.

Make sure that the testbed meets theprerequisites and then follow theinstructions listed in Install theSolidcore client on the endpoints.The needed build is placed in the<install directory>/dks directoryof the testbed and the software isinstalled on the testbed.

Build andpackaging tools

• gmake (provided bypackage make)

• gcc (provided by packagegcc)

• ld (provided by packagebinutils)

• ar (provided by packagebinutils)

• rpmbuild (provided bypackage rpm-build on RedHat and package rpm onSUSE)

• cpio (provided by packagecpio)

Package versions should bethe same as the versions thatare packaged with thedistribution ISO.

Kbuildframework

Make sure that framework isinstalled under /lib/modules/<kernelversion>/build/(provided by packagekernel-source on SUSE 10,linux-headers on Ubuntudistributions, and packagekernel-devel on otherdistributions).

Create builds for unsupported Linux kernels A


Component Prerequisites How do I install?

Kernel sourcepackage

If you are running a 3.5.x orlater kernel, make sure thatyou download the kernelsource package and place itin the /usr/src directory.

Productionendpoints

• No build or package tools are needed onproduction endpoints.

• Make sure that you create the /opt/solidcore directory on each productionendpoint. This directory does not exist bydefault and must be manually created.

1 Create the /opt/solidcoredirectory on each productionendpoint.

2 Fetch the created build from the<install directory>/dksdirectory of the testbed.The file name includes kerneldetails. The naming conventionfollowed for the builds issolidifier‑kmod‑<rel>‑<build>.<distro>.<kernel>.<arch>.<ext>.

• <distro> — the availabledistributions. LEL5 represents RedHat Enterprise Linux 5, LEL6represents Red Hat EnterpriseLinux 6, LSES10 represents SuSEEnterprise Linux 10, LSES11represents SuSE Enterprise Linux11, and LUBT12 representsUbuntu 12.

• <kernel> — the kernel for whichthe build was created.

• <arch> — i386 for 32-bitarchitecture and x86_64 for AMD64-bit architecture.

• <ext> — .deb for Ubuntuand .rpm for other distributions.

Here is an example of a buildcreated for the Red Hat EnterpriseLinux 6 version:

solidifier‑kmod‑6.1.0‑9321.LEL6.2.6.32‑279.2.1.el6.i686.i386.rpm

3 Distribute the created build toproduction endpoints (to the /opt/solidcore directory) running thesame kernel using EEDK ormanually. For more information, seeHow do I distribute builds toendpoints using McAfee EEDK.

4 Follow the instructions listed inInstall the Solidcore client on theendpoints.



How do I distribute builds to endpoints using McAfee EEDK?

McAfee ePO Endpoint Deployment Kit (EEDK) integrates with McAfee ePO versions 4.5, 4.6, 5.0, and5.1 to provide a packaging tool for creating McAfee ePO deployable packages. Use the McAfee EEDKtool to create a package of the compiled kernel modules and the EEDK script.

Compiled kernelmodules

Represent one or more kernel modules (kmod rpm packages) built for varioustarget kernel versions.

EEDK script Allows you to distribute the compiled kernel modules to production endpointsrunning Application Control and Change Control (version 6.1.0 and later).Download the EEDK script from the 6.1.0 patches section of the McAfeeDownloads website.

When you deploy the package created by EEDK on the target endpoints, the EEDK script copies thekernel module files specific to the platform and architecture of the target endpoints. These files arethen reused by the Solidcore client on all endpoints that are running the same kernel.

1 Download the EEDK tool. For more information about the tool, see the documents available withthe EEDK tool package.

2 Identify all kernels where kmod rpm distribution is required using the EEDK script.

3 Create the kernel modules (kmod rpm packages) for all identified kernels by executing builds oncorresponding testbeds.

4 Place these files in a single directory on a Windows system:

• EEDK script

• One or more kernel modules (kmod rpm packages built for various target kernels)

5 Click EEDK.exe to run the EEDK tool.

6 Specify these values:

• Path to folder containing needed kernel modules and EEDK script.

• Name to identify the package. For example, you can specify the Product Name as MACEEDK.

• ID to distinguish the package from the previously created packages. For example, you canspecify the Product ID as 5000.

• Version to indicate the package version.

• Description text that represents the product name listed in the McAfee ePO master repository.Use this field to distinguish the EEDK package from other packages in the master repository.

• Command to execute using the ./<eedk_script> [MAC/MCC Version] syntax. Here <eedk_script> is the name of the EEDK script. The Application Control or Change Control (MAC/MCC)version argument is optional, and you must specify it in the form of<Major>.<Minor>.<Patch>-<Build>, for example, 6.1.0-9500. If you provide the versioninformation, the script will copy the kmod packages only for the specified Application Control orChange Control version to the /opt/solidcore directory. However, if the script doesn't find therpm file for the specified version in the package, it considers that no version information isprovided and tries to copy the kmod packages for all Application Control or Change Controlversion to the /opt/solidcore directory.

7 Select the Linux checkbox in the OS Support field.

For all other fields, do not change the default values.

8 Navigate to Tools | Options and specify the folder to store the created package in the Build Folder field.

9 Click Save to return to the main screen.



http://www.mcafee.com/in/downloads/downloads.aspx

http://www.mcafee.com/in/downloads/downloads.aspx

https://community.mcafee.com/docs/DOC-3401

10 Click Build Package.

11 Check in the created package to the McAfee ePO master repository.

12 Verify that the name specified in the Product Description field is listed in the master repository.

13 Create a product deployment task for this EEDK package using McAfee ePO and push the packageto the target endpoints.

Pushing the product deployment task creates the /opt/solidcore directory and copies therespective kmod rpm packages to the endpoints. If the /opt/solidcore directory does not exist oris empty, review the macc_eedk.log_<timestamp> file in the /tmp directory to analyze the failurecause.

14 Perform one of these steps:

• For Solidcore client installation or upgrade — Push product deployment task for Solidcoreclient from McAfee ePO to the target endpoints.

• For kernel upgrade (Solidcore client is already installed on endpoints) — Restartendpoints in the new kernel.



How does installation occur?

When you run the Product Deployment task, the software executes the installation script to performinstallation. The installation script performs these checks and tasks.



B Frequently asked questions

Here are answers to frequently asked questions.

Can the same Solidcore client be used for Change Control and Application Control?

The license key determines the features available for use; any or all features can be used at a time. Atany time, you can add and enable a new stock-keeping unit (SKU) on an endpoint where the Solidcoreclient is enabled. For example, if you are currently using Change Control and want to add and useApplication Control, complete these steps.

1 Disable the Solidcore client on the endpoint.

For more information, see McAfee Change Control and McAfee Application Control Product Guide.

2 Enter the license.

For more information, see Specify licenses.

3 Enable the Solidcore client on the endpoint.

For more information, see Enable the Solidcore client.

Can the Solidcore client be deployed on a virtual machine?

The Solidcore client works on a virtual machine if the operating system installed on the virtualmachine is supported by the Solidcore client. For a list of the supported platforms, see KB76459 (forChange Control) and KB73341 (for Application Control).

Can I use third-party software to distribute and deploy this software?

You can install, upgrade, or uninstall the Change Control and Application Control software usingthird-party tools, such as Microsoft System Center Configuration Manager. For more information aboutsoftware distribution, see the documentation for your third-party tool.

Before using a software distribution tool, assign updater privileges to relevant binary files of the tool.For more information about how to add updaters, see McAfee Change Control and McAfee ApplicationControl Product Guide.

How can I upgrade the kernel on my Linux system where Change Control orApplication Control is installed?

1 Place Change Control or Application Control in Update mode. For information about how to placethe system in Update mode, see McAfee Change Control and McAfee Application Control ProductGuide.

2 Install the new kernel.

3 Exit Update mode and place Change Control or Application Control in Enabled mode. Forinformation about how to exit Update mode, see McAfee Change Control and McAfee ApplicationControl Product Guide.




4 Review KB82066 to verify whether the target kernel is supported.

5 Perform one of these steps.

• If the target kernel is supported, boot with the new kernel to upgrade the software.

• If the target kernel is not supported, create a build on a testbed and then install on the endpointusing the created build.

1 Make sure that the testbed meets the needed prerequisites. For detailed information, seeCreate builds for unsupported Linux kernels.

If the target kernel is not supported and you have filed a PER to get support, upgrade thesoftware before booting with the new kernel.

2 Perform one of these tasks:

• If Change Control or Application Control was already installed on the testbed, boot withthe new kernel to upgrade the software.

• If Change Control or Application Control is not installed on the testbed, install thesoftware on the testbed by following the instructions listed in Install the Solidcore clienton the endpoints.

3 Create the /opt/solidcore directory on the endpoint.

4 Fetch the created build from the <install directory>/dks directory of the testbed andplace it in the /opt/solidcore directory of the production endpoints. You can deploy thebuild to production endpoints using EEDK or manually. For detailed information about usingEEDK, see Create builds for unsupported Linux kernels.

5 Boot with the new kernel to upgrade the software. Regardless of the mode in which theChange Control or Application Control is running, the software automatically detects the newkernel.

I installed Change Control or Application Control on kernel 2.6.32–279.EL6.x86_64. Will my existing setup work accurately if I upgrade to 2.6.32–279.1.1.EL6.x86_64, 2.6.32–279.2.1.EL6.x86_64, or any other similar kernel?

While it seems like only minor differences exist between the kernels, 2.6.32–279.1.1.EL6.x86_64 and2.6.32–279.2.1.EL6.x86_64 are different from the installed kernel 2.6.32–279.1.1.EL6.x86_64.Because these kernels are different, you must follow the workflow that you would follow when youupgrade the kernel.

To verify if two kernels are the same, check the output of the uname -r for both kernels. If the outputsfor both commands match, the kernels are that same. A few accepted exceptions exist for SuSE 11.For example, if kernel 3.0.80–0.7.1 is installed, output for the uname -r command kernel is 3.0.80–0.7.

I installed Change Control or Application Control and am now unable to place myLinux endpoint in Enabled mode. Alternatively, I am unable to place my Linuxendpoint in Enabled or Update mode from Disabled mode. What could be thecause?

If your target kernel is not supported, the software automatically creates the required build for theinstalled kernel (if all prerequisites are available). After installation is complete, the software runs thesanity suite to validate the installation. You might be unable to place the endpoint in Enabled mode ifthe sanity suite fails. Review the properties for your Linux system to verify the status of the sanitysuite.




1 Wake up the agent to fetch properties immediately.

Typically, information is exchanged between the agent and server after the agent-servercommunication interval (ASCI) lapses. Default ASCI value is 60 minutes. Send an agent wake-upcall to make sure immediate communication and data exchange between the server and the agent,without waiting for the ASCI to expire.

2 Click the Linux system on the Systems page to view details for the endpoint.

3 Click the Products tab.

4 Click the Solidcore row and verify the value for the Build Validation property. Contact McAfee Support ifthe value is Failed.

How can I determine if I need to restart an endpoint running the Windowsoperating system after I upgrade from the 6.1.3 version of Change Control orApplication Control?

Determine ifyou need torestart aspecificendpoint

1 Click the endpoint on the Systems page to view details for the selected endpoint.

2 Click the Products tab.

3 Click the Solidcore row to view product details.

4 Review the value for the Upgrade Status property.

Determine ifyou need torestartmultipleendpoints

1 On the McAfee ePO console, click Menu | Reporting | Queries and Reports

2 Complete one of these steps.

• From the McAfee ePO 5.0 console, select McAfee Groups | Application Control.

• From the McAfee ePO 4.6 console, select Shared Groups | Application Control.

3 Click Actions | New.

4 Select the Solidcore from the Feature Group list, Solidcore Client Properties as the Result Type,and click Next.

5 Select Table in the Display Results As list, select System Name in the Sort by list, and clickNext.

6 Add the Upgrade Status property and click Next.

7 Click Run to view details for the endpoints in your setup.

On the Ubuntu platform, I am trying to create a kernel module for a target kerneland have completed the prerequisites for the testbed. However, I am still unableto create a build for a target kernel.

Before you create a kernel module for a 3.5.x or later kernel on the Ubuntu platform, you must installthe source package of the kernel. Verify the folder name of the kernel source package that is placed inthe /usr/src directory. Make sure that the folder name is similar to linux‑lts‑<release‑name>‑<kernel x.x.x>.

For example, if you are running the 3.8.0-41-generic kernel, the corresponding directory is /usr/src/linux‑lts‑raring‑3.8.0. Similarly, for kernel 3.5.0-23-generic the corresponding directory is /usr/src/linux‑lts‑quantal‑3.5.0.

Frequently asked questions B


Index

Aabout

licenses 9Solidcore client 9Solidcore extension 8

about this guide 5activation, See Enabled mode addition

licenses 9Solidcore client package 10, 20

agent logs 12, 23

agent-server communication interval 12, 23, 25

Application Controlkernel upgrade 37

place in Enabled mode 13, 24

prerequisites 7Solidcore client 37

ASCI, See agent-server communication interval

CChange Control

kernel upgrade 37


prerequisites 7Solidcore client 37

conventions and icons used in this guide 5

Ddashboards, Solidcore 26

database sizing 7deployment scenarios for Linux 29

Disabled mode 21, 24

documentationaudience for this guide 5product-specific, finding 6typographical conventions and icons 5

EEnabled mode

about 13, 21, 24

troubleshoot on Linux 37

evaluation licenses 9

Ffix inconsistencies

policies 18

rule groups 18

Gguidelines

Active Directory 17, 18

database sizing 7installation on Linux 11

remove queries 26

supported platforms 7system requirements 7uninstall 26

UNIX platforms 11, 21

upgrade 17, 18

upgrade on Linux 21

Iinstallation

deployment scenarios for Linux 29

Solidcore client 11

Solidcore extension 8, 9verify 12

workflow on Linux 29

Llicenses 9Linux

build location 29

deployment scenarios 29

installation guidelines 7, 11

installation workflow 29

kernel upgrade 37

prerequisites 7reuse builds 29

troubleshoot 37

upgrade guidelines 21

Mmanaged platform, supported versions 8


McAfee Agentabout 7on UNIX platforms 11, 21

McAfee ePO 7McAfee ServicePortal, accessing 6migration, See upgrade modes

Disabled 21, 24

Enabled 13, 21, 24

Observe 21, 24

Update 21, 24

OObserve mode 21, 24

Ppackage

add automatically using Software Manager 10

add manually 10, 20

add using Software Manager 21

remove 27

policieschange default 21

fix inconsistencies 18

prerequisites 7

Qqueries, Solidcore 26

Rremoval

dashboards 26

queries 26

Solidcore client 25

Solidcore client package 27

Solidcore extension 26

rule groupsfix inconsistencies 18

McAfee publishers 21

SServicePortal, finding product documentation 6Solidcore client

about 9download package 7for virtual machines 37

Solidcore client (continued)install 11

install package 10, 20


remove package 27

supported platforms 9uninstall 25

upgrade 20, 21

verify install 12

verify upgrade 23

Solidcore dashboards 26

Solidcore extensionabout 8file name 7install manually 8install using Software Manager 9uninstall 26

upgrade manually 17

upgrade using Software Manager 18

Solidcore queries 26

supported management platform versions 8supported platforms 7, 9system requirements 7

Ttechnical support, finding product information 6

Uuninstallation

guidelines 26

Solidcore client 25


verify 25

UNIX platforms 11, 21

Update mode 21, 24

upgradeSolidcore client 20, 21


verify 23

Vverification

install 12

software, enabled 13, 24

uninstall 25, 26

upgrade 18, 23

Index


Change Control and Application Control 6.2.0 Installation Guide for use with ePO 4.6… ·...

Documents

Transcript of Change Control and Application Control 6.2.0 Installation Guide for use with ePO 4.6… ·...