FramePkg
  • Home
  • About
  • Procedures
    • ePO Upgrade
    • ePO Architecture
    • BackUp ePO
    • How To Uninstall McAfee Client Manually
    • McAfee Drive Encryption
    • TIE Guide - A to Z Steps
  • ePO
  • VSE
  • DLP
  • HIPS
  • Solutions
  • Tips
  • Videos
  • Online Updates

improve performance - Solidcore / Application control

17/8/2017

1 Comment

 
To improve performance, disable the inventory rollback feature as follows:
1.            Launch the command line interface for Solidifier.
2.            Run the following command: 

​sadmin config set IsInvbackupEnabled=0

​This feature is enabled by default and creates a backup copy of the local white-list, so if the white-list corrupts, MACC can recover it from a backup copy immediately rather than be forced to re-solidify the system. This backup copy is created during the boot sequence, which increases system boot time and cause Performance issue which we are investigating but as workaround we recommend to disable it.

If the command is run through ePO using task “run command”, then check the request response and the output of this will be seen under

Menu-> Solidcore client task log -> 
And if done locally, then check under “sadmin config show -d” output

Reboot is not required.

1 Comment

how to know which hotfix or patch is install on msme with epo

19/3/2017

0 Comments

 
How to know which Hotfix or patch was installed on Exchange server with McAfee Security for Microsoft Exchange 8.0, 8.5?

Go to ePO server -> System Tree
Search and click on the exchange server.
Go to Products, Click on McAfee Security for Microsoft Exchange
Under "Product properties for McAfee Security for Microsoft Exchange" -> Hotfix/Patch Version

​you can see which Hotfix or patch is installed.

​
Picture
0 Comments

epo 5.3 New feature - save policy and task while remove extension and/or product

23/10/2016

0 Comments

 
Great Feature ePO 5.3 - Policy and Task Retention 

If you need for any reason to remove an extension, ePO 5.3 give you an option to save all policies, task, etc. so you won't need to manually create them after re-install the extension or check-in the product.

On ePO 5.3 go to Menu -> Server setting -> Policy and Task Retention 

You can choose if to save the tasks & policies or not.
Picture
For example if you choose to Keep policy and client task data, then you remove the extension of Virus Scan
Picture
Now go to Policy Catalog
The Virus Scan policies is exists, but you can't edit, rename or delete
Picture
If you try to enter to the policy you will receive an error
Picture
When you re-install the extension you will have the same policy with normal actions
0 Comments

McAfee endpoint drive encryption - recovery disaster disk  operation system is missing

19/10/2016

1 Comment

 
McAfee Drive Encryption 7.1.3 (DE)

Problem:

When trying to boot from recovery boot disk of McAfee Drive Encryption there is a message 
Operation system is missing.

Solution:

1.  Get a USB Drive of sufficient size to contain the OS installation files you desire to install. (this drive would need to be at least 1 GB in size)
2.  Make sure the drive is completely empty of its contents.  (There should be absolutely nothing on it, if there is and you want to keep this stuff you need to move it elsewhere now.)
3.  Plug your USB drive into a USB slot on your computer. 
4. Make certain the drive is recognized, make a note of the drive letter.  Mine happens to be F:\
5.  Go to the start menu and USING ADMINISTRATOR CREDENTIALS open a command prompt.  I right clicked on command prompt and chose to Run As Administrator.
6.  Once your command prompt is open you are going to run a series of commands using the DiskPart utility. 

Type DISKPART and click Enter
Picture
​Type LIST DISK and click Enter
Picture
Type Select Disk 1 and then click Enter

Type Clean and then click Enter

Type Create Partition Primary and then click Enter

Type Select Partition 1 and then click Enter

Type Active and then click Enter
Picture
Type EXIT and then click Enter

Go to the start menu and USING ADMINISTRATOR CREDENTIALS open a command prompt.  I right clicked on command prompt and chose to Run As Administrator.

Go to the folder that contain the files: Bootdisk.exe, EETech.RTB
​
​Type format F: /FS:FAT32 /V:EETech and then click Enter (​Note: "D" - Volume of USB Device)
Click Enter to Approve
​
Bootdisk.exe EETech.RTB F:
Choose "Yes"
Picture
1 Comment

CREate bootable usb for mcafee drive encryption

7/6/2016

1 Comment

 
How to create a recovery bootable USB device for McAfee Drive Encryption(MDE)

Connect a USB device(DOK) to the computer
Open command line(CMD)
Run the following command:

Format D: /FS:FAT32 /V:EETech
Note: "D" - Volume of USB Device

Bootdisk.exe EETech.RTB D:
Choose "Yes"

To test the device - Restart an Encrypted system and boot the system from the DOK.
Make sure the recovery DOK is in the same version of the Encryption program.

McAfee Drive Encryption 7.1.x

If this still does not work or you facing an issue or error(Like 'Operation system is missing') 
click here 

1 Comment

solidcore/application control - troubleshooting

26/3/2016

0 Comments

 
Application Control former Solidcore.

Problems:

Any unusual problem like:

- After Initial scan, enable and restart getting a Blue Screen
- After Initial scan, enable and restart getting a Login screen stuck

Solution:

Reproduce the problem and investigate the logs with GatherInfo.

GatherInfo is a utility that collects information related to log files, inventory, product version, and system state, which are needed for troubleshooting.
This utility is shipped with the product and is available in the product installation directory.
The default installation directory should be:
• Windows — <System drive>\Program Files\McAfee\Solidcore\Tools\GatherInfo

If you need more help open a service request at McAfee support and upload it to them.
0 Comments

Virus Scan block Mcafee processes

14/2/2016

0 Comments

 
Issue:

When installing or upgrading to McAfee Agent 5.x or above, Virus scan could block McAfee processes.

McAfee Virus scan Access protection policy contain rules with exclude to McAfee processes, but when upgrading or install new version you also need to update the default excludes.

McAfee Agent version 5 and above have new processes names so you will need to exclude those processes in access protection policies.

Add those processes:
MASvc.exe, MACmnSvc.exe, MACompatSvc.exe

 To the following access protection rules in Exclude:
- Prevent modification of McAfee files and settings
- Prevent modification of McAfee Common Management Agent files and settings
- Prevent modification of McAfee Scan Engine files and settings
0 Comments

How to configure server task schedule as advance - cron syntax

28/1/2016

0 Comments

 
Environments:  ePO 4.x, ePO 5.x

When creating a server task you must configure a schedule - when this task will run.
One of the option is Advance.
Advance need to be configure with Cron syntax.

The Cron Syntax Contain 6 variable and another one optional, Total 7.
The variable is split in to different meaning:
Picture

​The definition will be in the following order: 
Picture

each variable can be accommodate with more then one option, each option will be divided with a comma (",").

Forward slashes (/) identify increments.

The letter "L" means "last" in the Day of Week or Day of Month fields

The letter "W" means "weekday"

The pound character "#" identifies the "Nth" day of the month

On the day of week you can choose to use number or words, like:
​
0=Sun
1=Mon
2=Tue
3=Wed
4=Thu
5=Fri
6=Sat
1,3,5=Mon,Wed,Fri

In the following example the task will run every hour and 5 minutes:
 
0 5 * * * ?

In the following example the task will run every 5 minutes:
 
0 0,5,10,15,20,25,30,35,40,50,55 * * * ?

In the following example the task will run every 10 minutes:

 
0 0/10 * * * ?
0 Comments

McAfee tag catalog - Tag Limit Criteria

28/1/2016

0 Comments

 
When creating a Tag you will need to configure a unique criteria.

The limit for the Properties to choose is 27.
0 Comments

McAfee dlp incident manger is slow - how to purge old mcafee dlp events

26/1/2016

2 Comments

 
The best way to purge McAfee DLP/HDLP events, For McAfee DLP and HDLP Version 9.3,9.4

On ePO console go to Menu-> Data Protection -> DLP Incident Manager
​
Picture

Go to Incident Tasks
​
Picture

​Click Actions
Picture

Choose a Name and write a description if you want
Choose the Filter you want, I prefer always to choose the Occurred(UTC) - Is not within the Last X Days.
Click OK to save.
Picture

​Make sure the state is Enable
Picture

Go to Menu -> Automation -> Server Tasks
Click on Actions -> New Task
Picture

Choose a Name and write a description if you want, Click Enable and then Next
Picture

Click on the drop down list next to the Actions, Choose DLP Incident tasks runner
Mark the task you created, click ok.
Picture

​Make sure that the task is want you need(with the filter you configure)
​Click Next
Picture

​Configure the schedule to run the task.

If you configure to run the task in my example - Every day at 11:00 PM, The task will purge all the events older then 90 days.
​
Click Next and save.
Picture

See the task you created.
You can also run this task manually by click on the run button
Picture

The first time the task will run maybe it will be at the beginning on status waiting, at Server Task Log screen.

Be patient!!!

you can also click on the log(while it on waiting) and you will see it started and working.
Picture

​Good Luck!!!
2 Comments
<<Previous
    Picture
    View my profile on LinkedIn

    Categories

    All

    Ebates Coupons and Cash Back

    Archives

    August 2017
    March 2017
    October 2016
    June 2016
    March 2016
    February 2016
    January 2016
    December 2015
    May 2015
    March 2015

    Buy me a coffee:)