Recommended Solutions for Installing McAfee...

Recommended Solutions for Installing McAfee Antivirus Products on PvD, Shared and Custom Virtual Machines

Applicability This document provides instructions for deploying certain McAfee antivirus products in Shared and PvD

virtual machines (VMs) deployed via Citrix Systems’ Synchronizer product. The information contained in

this document is applicable to:

McAfee Agent 4.8.x and above

McAfee VirusScan Enterprise and AntiSpyware Enterprise 8.8.x

McAfee ePO Deep Command Discovery Plugin 2.1.x and above

McAfee DLP Endpoint 9.3.x and above

McAfee Host Intrusion Prevention 8.0.x

McAfee Deep Defender 1.6.x

Endpoint Intelligence Agent 2.5.x

The instructions contained in this document have been verified against the applications listed above but

they may also be applicable to other McAfee software packages.

Summary This document is organized into three areas:

General steps to configure McAfee Agent

Installing McAfee Agent on golden image VMs

Publishing McAfee Agent on an installed VM

Use the appendices in this document for additional information and code samples.

Configuring the McAfee Agent This section provides an example for configuring McAfee Agent prior to setting up the golden VM image

in Synchronizer and publishing it to an end user. It includes the following:

Creating a Custom Agent Installation Package

Creating a Custom Tag to Migrate all Synchronizer-deployed VMs to a Selected Group

Assigning the Custom Tag to a Subgroup

Creating a Client Task

Assigning the Client Task to a Subgroup

Creating Managed On Demand Scan Task

Assigning Managed On Demand Scan Task to a Subgroup

Communication may be Rejected by ePO Server due to Sequence Number Conflict for re-

provisioned VM

Creating a Custom Agent Installation Package To create a custom agent installation package:

1. Login to McAfee ePolicy Orchestrator. 2. Click Menu -> System Tree under the Systems Section, and then click the New Systems button. 3. On the radio buttons to the right of “How to add systems”, select “Create and download agent

installation package”. 4. Next, click the “Windows” radio button and select McAfee Agent for Windows from the pull

down menu. 5. Select or deselect Embed Credentials in Package. If selected, enter the appropriate credentials

for agent installation; click Remember my credentials for future deployments to save these credentials the next time you complete this task.

6. Click OK to generate the installation package. 7. When prompted, select the file to download. Click to open the file, or right-click to save the file. 8. Copy the agent installation package, FramePkg.exe, from your McAfee ePO server to a shared

folder on a network server accessible by the golden image VM.

Creating a Custom Tag to Migrate all Synchronizer-deployed VMs to a Selected Group The following sections describe the steps to bundle together all Synchronizer-deployed VMs into an

ePolicy Orchestrator group for ease of managing those VMs; this is just an example. You may choose to

organize Synchronizer VMs in any way that fits your organization’s needs.

To create a custom tag:

1. Login to McAfee ePolicy Orchestrator. 2. Click Menu ->Tag Catalog under the Systems Section, and then click the New Tag button. 3. Enter a Name and Description for the tag (for example, XenClient or DesktopPlayer); click Next. 4. Under Available Properties, click Custom 1 and enter values as shown below:

5. Click Next.

6. Select the “On each agent-server communication” and when a “Run Tag Criteria” action is

taken” as the evaluation criteria.

7. Click Next and Save to retain the tag.

You can also specify Custom 2, Custom 3 and Custom 4 if Custom 1 criteria is in use.

Assigning the Custom Tag to a Subgroup You can now associate the new tag with a subgroup in which the clients can be bundled together:

1. Login to McAfee ePolicy Orchestrator. 2. Click Menu -> System Tree under the Systems Section then click New Subgroup by selecting My

Organization under the System Tree. 3. Enter a Name for the Subgroup (for example, XenClient) and click OK. 4. Under the System Tree panel, click to select the newly created subgroup. Proceed to click the

Group Details tab (on the main panel). 5. Edit Sorting Criteria. 6. Select Systems that match any of the criteria below (IP addresses and/or tags).

7. Click Add Tags; then select the newly created tag. 8. Click OK and then Save.

Creating a Client Task To create a client task:

1. Login to McAfee ePolicy Orchestrator. 2. Click Menu ->Client Task Catalog under Policy. 3. Select Product Deployment under McAfee Agent and then click the New Task button. 4. Select Product Deployment as the Task Types and click OK. 5. Create a task by selecting the required Product and Components; an example of selected

products is illustrated below. To add more components, click the “+” button. When done, click Save.

Assigning the Client Task to a Subgroup To assign the client task to a subgroup:

1. Login to McAfee ePolicy Orchestrator 2. Click Menu ->System Tree under the Systems Section then click on the group name you

previously created and displayed under My Organization. 3. Click the Assigned Client Tasks tab (on the main panel). 4. Click Action -> New Client Task Assignment. 5. Select McAfee Agent from the Product list, Product Deployment from Task Type, and the newly

created task from Task Name. Click Next. 6. Set the Schedule type as Run immediately then click Next and Save.

Creating Managed On Demand Scan Task To create a managed on demand scan task:

1. Login to McAfee ePolicy Orchestrator. 2. Click Menu ->Client Task Catalog under Policy. 3. Select On Demand Scan under VirusScan Enterprise 8.x.x and then click the New Task button. 4. Enter Task Name (for example, “XenClient On Demand Scan”) and Description for the task 5. Select / Enter your choices for Scan Location, Scan Items, Exclusions, Actions, Performance,

Report and Task 6. Click Save.

Assigning Managed On Demand Scan Task to a Subgroup To assign managed on demand scan task to a subgroup:

1. Login to McAfee ePolicy Orchestrator 2. Click Menu ->System Tree under the Systems Section then click on the group name you

previously created and displayed under My Organization. 3. Click the Assigned Client Tasks tab (on the main panel). 4. Click Action -> New Client Task Assignment. 5. Select VirusScan Enterprise 8.x.x from the Product list, On Demand Scan from Task Type, and

the newly created On Demand scan task from Task Name. 6. Select “Send this task to only computers which have the following criteria” next to “Tags:” and

click edit link next to “Has any of these tags:” and check previously created tag from Tags. Click Next.

7. Select / Enter your choices for Schedule status, Schedule type, Effective period, Start time, Task runs according to, Options and Click Save

Note: If the ePO administrator wants to create and deploy a new Managed On Demand Scan Task, it’s

mandatory to follow the Creating Managed On Demand Scan Task and Assigning Managed On Demand

Scan Task to a Subgroup steps even after publishing the golden VMs. This will allow already deployed

VMs to also receive the newly assigned On Demand Scan Task(s).

Communication May Be Rejected by ePO Server Due to Sequence Number Conflict for

Re-provisioned VM If the Synchronizer administrator re-provisions a user VM with a backup, communication to the ePO

server may fail when a McAfee agent contacts the server because of a lower sequence number than the

one expected by the ePO server.

This scenario occurs when:

1. A backup is taken from the client computer, storing the last sequence number used to

communicate with the ePO server, for example sequence number 10.

2. After the backup, the client continues to run and contact the ePO server before the VM is

stopped and re-provisioned. During this period of execution, the sequence number continues

to increase and by the time the VM was stopped, it may have increased to, say, sequence

number 15.

3. The virtual machine is re-provisioned, and restored from the last backup, which contained an

outdated sequence number. In our example, the VM would continue to use sequence number

10.

In the scenario provided above, the ePO server expects a sequence number 16, and the client sends a

sequence number 11. As a result, the ePO server rejects the client communication request due to an in

valid, or duplicate, sequence number.

Note: For additional information, refer to the McAfee Knowledge Center.

To resolve this issue, disable sequence error checking on the ePO server:

1. Locate the file “C:\Program Files(x86)\McAfee\ePolicy Orchestrator\DB\server.ini”.

a. Edit the file by adding “ConnectionsRequireValidSequenceNumber=0” under the

[Server] section.

b. Re-start the” McAfee ePolicy Orchestrator 5.x.x Application Server” service.

Conducting these steps allows re-provisioned clients to communicate with the ePO server.

Installing McAfee Agent on Golden VMs This section describes the procedure for installing McAfee Agent on VMs created on Synchronizer.

These VMs are commonly referred to as golden VMs or golden images because they are the master

image that is cloned and delivered to the endpoints.

To install McAfee Agent on a golden VM:

1. Boot a Synchronizer VM and copy the previously-created McAfee installation package, FramePkg.exe, to the C:\ drive.

2. Open a command prompt as administrator and navigate to the FramePkg.exe file path. 3. Run the following command to install McAfee Agent and to get the client under the required

subgroup on ePolicy Orchestrator: FramePkg.exe /Install=Agent /CustomProps1="Property Value 1” Where, Property Value 1 = “Custom 1” property value created in the previous section Creating a Custom Tag to Migrate all Synchronizer-deployed VMs to a Selected Group.

https://kc.mcafee.com/corporate/index?page=content&id=KB65611

Note: If your custom tag (created in Custom Tag to Migrate all Synchronizer-deployed VMs to a Selected Group) contains more than 1 comparison using Custom Property values, use the syntax below: FramePkg.exe /Install=Agent /CustomProps1="Property

1"/CustomProps2="Property 2" /CustomProps3="Property 3"

/CustomProps4="Property 4"

4. Within ten minutes, the agent calls in to the McAfee ePO server for the first time. As needed, bypass the ten-minute interval by forcing the agent to call. Use this command at an administrator command prompt: If Agent Version >= 5.0

"C:\Program Files\McAfee\Agent\cmdagent" /p

If Agent Version < 5.0

On 64-bit VMs: “C:\Program Files (x86)\McAfee\Common Framework\cmdagent” /p

On 32-bit VMs: “C:\Program Files\McAfee\Common Framework\cmdagent” /p

5. Make sure all assigned Product and Components were installed (see Creating a Client Task and Assigning the Client Task to a Subgroup).

Note: Systems on which McAfee Agent is installed manually are now located under a Subgroup of the McAfee ePO system tree to which the custom tag was applied (see Assigning the Custom Tag to a Subgroup).

Prepare and Publish the Golden VM for Deployment Perform these steps to prepare and publish the golden VM for deployment:

Prepare the VM for Publishing

1. In Synchronizer versions older than 5.5, you need to modify the file that disables the McAfee

services during publish. This operation is not needed in Synchronizer v5.5 and newer, as these

files have already been modified for you.

a. Create a backup copy of “disableServicesXXX.txt” in the Synchronizer’s configuration

directory (typically C:\Program Files\Citrix\Synchronizer\conf). XXX represents the OS

type (XP, VISTA, WIN7, WIN8, etc.) of the VM to be published.

b. Edit “disableServicesXXX.txt” and remove ALL entries that deal with McAfee services.

These entries are the ones listed Appendix A; after removing the entries, add only the

entries listed in Appendix B.

2. Copy the scripts “publishExtend-McAfee.cmd“ and “publishExtend.cmd” found in the Synchronizer’s “C:\Program Files\Citrix\Synchronizer\conf\scripts” directory to "C:\" of the VM to be published. In Synchronizer 5.5 and earlier, these scripts do not exist. Copy the contents of Appendix C and Appendix D in to the respective files. Make sure that long lines, such as the registry key name, are not entered as two separate lines but rather one long line.

3. Shutdown the VM and publish the VM using Synchronizer.

Create and Apply an OS Profile to Preserve McAfee Files and Registry Keys When a new VM is published, specific McAfee files and registry keys must be re-applied at the client to

the new VM version in order for the McAfee ePO Manager to continue identifying it as the same client.

This is done via an OS Profile rule that tells the clients to save and restore these keys.

Create OS Profile Definition

In Synchronizer versions older than 5.5, an OS Profile definition must be created by the administrator

and imported into Synchronizer.

Note: In Synchronizer version 5.5 and newer, an OS profile definition is automatically imported and

available under the “Definitions” folder as “McAfee VirusScan Enterprise”; if you are using the latest

Synchronizer, you can skip this section.

1. In Synchronizer, copy the contents of Appendix E into an editor and save the file with an XML

extension (for example, McAfee-VirusScan-OS-Profile.xml). Make sure that long lines, such as

the registry key name, are not entered as two separate lines but rather one long line.

2. Import the OS profile by navigating to the “Polices” folder -> Virtual Machines -> OS Profiles - >

PVD -> Definitions. The “OS Profile Definition Actions” panel will be displayed on the right; in

this area, there will be an “Import” button. Click Import to display a file browser in which you

can specify the location and file name of the OS Profile you created above. Click Finish to

complete the operation.

3. After importing the OS Profile, it appears in the Synchronizer interface labeled “McAfee

ScanVirus Enterprise”. Click the definition name to display its contents (which consists of

registry keys, as illustrated below; a similar definition is also available for Shared VMs).

Create OS Profile Policy with McAfee Support

In order to properly preserve specific McAfee files and registry, you must create an OS Profile policy which uses the McAfee VirusScan Enterprise definition:

1. To create a policy for a PvD VM, start by navigating to “Policies” -> “Virtual Machine” -> “OS

Profile” -> “PVD”. On the right pane, you will see the “Policy Actions” and a “Create” button;

click Create to display a drop-down menu:

2. In the Create menu, select OS Profile (PVD). The Create OS Profile (PVD) Policy screen appears.

3. In the Create OS Profile (PVD) Policy screen, enter a name for the policy (e.g., McAfee OS Policy

for PVD VMs), specify a description, and click Next.

4. Select the Mcafee VirusScan Enterprise definition and assign it using the checkbox. Click Finish.

The new profile is ready to be assigned to a PvD VM.

5. For Shared VMs, repeat the above steps but select the “Shared and Custom” Folder under “OS

Profile.”

Note: Do not perform below step when the VM is being published; wait for the publish process to

finish and then apply the policy.

6. In the Virtual Machines section of the Synchronizer interface, select the VM that will receive the

new policy. Select the Policies tab; in the OS Profile field, select the name of the profile you

created above (e.g. McAfee OS Policy for PVD VMs / McAfee OS Policy for Shared VMs) from

the drop-down menu. Click Save in the upper right portion of the interface to apply the change.

Note: For Custom VMs, you should not assign McAfee OS Policy as unique McAfee client information(s)

persists across reboots.

7. Assign the VM to a user; the unique McAfee client ID will now be preserved if that VM is

restored from backups or re-provisioned to another computer.

Note: In order to preserve the client ID, the administrator must allow user backups to take place; at

least one backup should have taken place before the VM is restored or migrated to a different

computer. Otherwise, the client ID will be lost and a new one created upon re-provisioning of the VM.

Appendix A

Partial contents of disableServicesWIN7.txt in Synchronizer versions older than 5.5.

Appendix B Add the following entries to disableServicesWIN7.txt:

; -- Start of McAfee Agent services

McAfeeFramework

McShield

McTaskManager

McAfeeDLPAgentService

HipMgmt

enterceptAgent

Telemetryserver

mfevtp

mfefire

scsrvc

macmnsvc

masvc

mfemms

; -- End of McAfee Agent services

Note: Add missing McAfee missing services to the list above if any additional ones are located in

“services.msc”.

Appendix C

Use the information in this Appendix to create a DOS “cmd” file that will be used during the VM publish

phase. These contents need be copied to a file called “publishExtend.cmd” and placed in the VM’s C:\

drive.

REM --- McAfee Agent

if exist c:\publishExtend-McAfee.cmd (

call c:\publishExtend-McAfee.cmd

if ERRORLEVEL 1 exit /b 1

)

REM --- We are done here. Script will return success.

exit /b 0

Appendix D

Use the information in this Appendix to create a DOS “cmd” file that will be used during the VM publish

phase. These contents need be copied to a file called “publishExtend-McAfee.cmd” and placed in the

VM’s C:\ drive.

REM -- Sample publishExtend script when using McAfee Agent with any/all of the below product(s)

installed:

REM -- 1. McAfee VirusScan Enterprise + AntiSpyware Enterprise

REM -- 2. McAfee DLP Endpoint

REM -- 3. McAfee Host Intrusion Prevention

REM -- 4. McAfee ePO Deep Command Discovery Plugin

REM -- 5. McAfee Deep Defender

REM -- 6. McAfee Solidifier

REM -- 7. MySQL for McAfee Quarantine Manager

REM ---------------------------------------------------------------------------------------------

REM -- To use this:

REM -- 1. Copy this script to root of "C:\" drive

REM -- 2. Copy publishExtend.cmd to the root of the "C:\" drive.

REM ---------------------------------------------------------------------------------------------

REM -- What is the Processor Architecture?

SET PROC_ARCH=%PROCESSOR_ARCHITECTURE%

IF "%PROCESSOR_ARCHITEW6432%" == "AMD64" (

SET PROC_ARCH=AMD64

)

REM -- Set Registry path according to Processor Architecture

IF "%PROC_ARCH%" == "x86" (

SET RegValue="HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent"

) ELSE (

SET RegValue="HKLM\SOFTWARE\Wow6432Node\Network Associates\ePolicy Orchestrator\Agent"

)

REM -- Query McAfee AgentGUID

call :reg_query_AgentGUID %RegValue% "AgentGUID"

REM -- If there is an error querying AgentGUID, abort. McAfee may not be installed

IF ERRORLEVEL 1 exit /b 1

REM -- Remove the unique AgentGUID so that it will be re-generated at the client.

call :reg_del_value %RegValue% "AgentGUID"

REM -- If there is an error deleting, Access Protection may not be allowing to delete.

REM -- Try deleting AgentGUID using maconfig.exe

IF ERRORLEVEL 1 goto use_maconfig

REM -- McAfee works properly at client(s) even if we don't delete the below registry keys.

REM -- Hence, don't check for error condition(s)

REM -- Remove the unique ComputerName, LoggedOnUser and MacAddress so that it will be re-

generated at the client.

call :reg_del_value %RegValue% "ComputerName"

call :reg_del_value %RegValue% "LoggedOnUser"

call :reg_del_value %RegValue% "MacAddress"

goto proceed_to_clean_logs

REM -- Try deleting AgentGUID using maconfig.exe

:use_maconfig

call :maconfig_del_AgentGUID

IF ERRORLEVEL 1 exit /b 2

:proceed_to_clean_logs

REM -- Clean up McAfee specific log files from publishing VM which are specific to McAfee

installed system

REM -- Logs files will be re-created at clients

REM -- So that, McAfee ePolicy Orchestrator will show proper report(s) on each client

call :clean_McAfee_logs

exit /b 0

REM ---------------------------------------------------------------------------------------------

REM -- Local Subroutine

REM ---------------------------------------------------------------------------------------------

REM ---------------------------------------------------------------------------------------------

REM -- Query McAfee AgentGUID registry value if it exists

:reg_query_AgentGUID

reg query %1 /v %2

IF ERRORLEVEL 1 @exit /b 1

@exit /b 0

REM ---------------------------------------------------------------------------------------------

REM ---------------------------------------------------------------------------------------------

REM -- Delete software registry value if it exists

:reg_del_value

reg delete %1 /v %2 /f

IF ERRORLEVEL 1 @exit /b 1

@exit /b 0

REM ---------------------------------------------------------------------------------------------

REM ---------------------------------------------------------------------------------------------

REM -- VSE v8.8(and above) by default, Access Protection self-protects against certain changes.

REM -- In order to delete AgentGUID, we need to use "maconfig.exe" with parameters "-enforce" and

"-noguid"

:maconfig_del_AgentGUID

REM -- Default path of maconfig.exe (applicable to both x64 and x86)

SET maconfig_path="C:\Program Files\McAfee\Agent\maconfig.exe"

REM -- In older versions of McAfee, maconfig.exe present under "Common Framework" folder.

IF "%PROC_ARCH%" == "x86" (

IF EXIST "C:\Program Files\McAfee\Common Framework\maconfig.exe" (

SET maconfig_path="C:\Program Files\McAfee\Common Framework\maconfig.exe"

)

) ELSE (

IF EXIST "C:\Program Files (x86)\McAfee\Common Framework\maconfig.exe" (

SET maconfig_path="C:\Program Files (x86)\McAfee\Common Framework\maconfig.exe"

)

)

REM -- Delete AgentGUID by calling maconfig.exe

%maconfig_path% -enforce -noguid > %TEMP%\maconfig.txt

set maconfig_result=false

REM -- Look for string "enforcing noguid passed" from the output file

FOR /f "tokens=*" %%a IN ('type "%TEMP%\maconfig.txt" ^| find /i "enforcing noguid passed"') DO

SET maconfig_result=true

del %TMP%\maconfig.txt

IF NOT %maconfig_result% == true @exit /b 1

@exit /b 0

REM ---------------------------------------------------------------------------------------------

REM ---------------------------------------------------------------------------------------------

REM -- Clean up McAfee specific log files from publishing VM

:clean_McAfee_logs

echo off

SETLOCAL EnableDelayedExpansion

SET McAfee_ProgramData_Path="C:\ProgramData\McAfee"

SET LOG_FOLDERS_LIST[1]="Common Framework|*.log"

SET LOG_FOLDERS_LIST[2]="Common Framework\DB|*.log"

SET LOG_FOLDERS_LIST[3]="Common Framework\DB|*%computername%*"

SET LOG_FOLDERS_LIST[4]="Common Framework\Mesh|*.log"

SET LOG_FOLDERS_LIST[5]="DesktopProtection|*Log.*"

SET LOG_FOLDERS_LIST[6]="DLP\Temp\Logs|*.log"

SET LOG_FOLDERS_LIST[7]="Host Intrusion Prevention|*.log"

SET LOG_FOLDERS_LIST[8]="Host Intrusion Prevention|*Log.txt"

SET LOG_FOLDERS_LIST[9]="Solidcore\Logs|*.log"

SET LOG_FOLDERS_LIST[10]="Telemetry\Logs|*.txt"

SET LOG_FOLDERS_LIST[11]="Agent\logs|*.log"

SET LOG_FOLDERS_LIST[12]="datreputation\Logs|*.txt"

SET /a n=13

SET /a i=1

:loop

IF %i%==%n% GOTO end

SET LOG_FILES_PATH=!LOG_FOLDERS_LIST[%i%]!

FOR /F "tokens=1,2 delims=||" %%A IN (%LOG_FILES_PATH%) DO (

SET LOG_FOLDER="%%A"

SET LOG_FILES_PATTERN=%%B

)

SET LOG_FOLDER_PATH="%McAfee_ProgramData_Path:~1,-1%\%LOG_FOLDER:~1,-1%"

IF EXIST %LOG_FOLDER_PATH% (

DEL /F /Q "%LOG_FOLDER_PATH:~1,-1%\%LOG_FILES_PATTERN%"

)

SET /a i+=1

)

goto loop

:end

echo on

@exit /b 0

REM ---------------------------------------------------------------------------------------------

Appendix E

Use the information in this Appendix to create an OS Profile definition for PVD, Shared and Custom VMs.

Copy and paste into an XML file, (for example,mcafee-viruscan-enterprise.xml).

<?xml version="1.0" encoding="UTF-8"?>

<root>



<feature type="FCD">

<id uuid="d0162aa4-41ac-b6ee-15a7-19235565c94a" version="2"/>

<name>McAfee VirusScan Enterprise</name>

<author>Citrix Systems, Inc.</author>

<description>

Preserve the settings related to McAfee Agent and McAfee VirusScan Enterprise +

AntiSpyware Enterprise softwares.

Tested on Win7 and Win 8.1 using McAfee Agent Versions 4.8.x, 5.0.x and McAfee

VirusScan Enterprise + AntiSpyware Enterprise Version 8.8.x.

</description>

<target os="win7Plus">

<filesystem folder="\Program Files\McAfee" owner="local" merge="true"

conflict="server" copy="false" />

<filesystem folder="\Program Files (x86)\McAfee" owner="local" merge="true"

conflict="server" copy="false" />

<filesystem folder="\Program Files\Common Files\McAfee\Engine" owner="local"

merge="true" conflict="server" copy="false" />

<filesystem folder="\Program Files (x86)\Common Files\McAfee\Engine" owner="local"


<filesystem folder="\Program Files\Common Files\McAfee\DATReputation" owner="local"


<filesystem folder="\Program Files (x86)\Common Files\McAfee\DATReputation"

owner="local" merge="true" conflict="server" copy="false" />

<registry key="HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePolicy

Orchestrator\Agent" preserve="true" merge="false" >

<value name="AgentGUID" />

</registry>

<registry key="HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Network Associates\ePolicy

Orchestrator\Agent" preserve="true" merge="false" >

<value name="AgentGUID" />

</registry>


Orchestrator\Agent\CustomProps" preserve="true" merge="false" />


Orchestrator\Agent\CustomProps" preserve="true" merge="false" />

<registry key="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DLP\Agent\Backup" preserve="true"

merge="false" />

<registry

key="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DLP\Agent\Properties\ActiveSessions" preserve="true"

merge="false" />

<registry key="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection\TaskLastData"

preserve="true" merge="false" />

<registry key="HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\DesktopProtection\Tasks"

<registry

key="HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\McAfee\DesktopProtection\TaskLastData"


<registry

key="HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\McAfee\DesktopProtection\Tasks" preserve="true"

merge="false" />

</target>

</feature>

<feature type="PVD">

<id uuid="e50b052e-50c6-4a3f-a7ec-646ed62dffe7" version="1"/>

<name>McAfee VirusScan Enterprise</name>

<author>Citrix Systems, Inc.</author>

<description>

Preserve the settings related to McAfee Agent and McAfee VirusScan Enterprise +

AntiSpyware Enterprise softwares.

Tested on Win7 and Win 8.1 using McAfee Agent Versions 4.8.x, 5.0.x and McAfee

VirusScan Enterprise + AntiSpyware Enterprise Version 8.8.x.

</description>

<target os="win7Plus">


Orchestrator\Agent" preserve="true" />


Orchestrator\Agent" preserve="true" />

</target>

</feature>

</root>

Recommended Solutions for Installing McAfee...

Documents

Transcript of Recommended Solutions for Installing McAfee...