McAfee TEECDE-AA-AA Evaluator Guide - Page 36

Select All in this Wake Up Agents

Get McAfee TEECDE-AA-AA - Total Protection For Endpoint PDF manuals and user guides View all McAfee TEECDE-AA-AA manuals
Add to My Manuals
Save this manual to your list of manuals

Page 36 highlights

Deploy the McAfee Agent than the next communication would occur. It also allows you to force clients to run tasks, such as an immediate update. Use this task to verify whether your client systems are communicating with ePolicy Orchestrator. 1 Click Menu | Systems | System Tree, then click Systems on the menu bar. 2 Highlight your Servers or Workstations group. 3 If an IP address and user name are listed, the agent on the client system is communicating with the server. 4 If five to ten minutes pass and systems do not have an IP address and user name, select Actions | Agent | Wake Up Agents and click OK. If sending a wake-up call fails to retrieve an IP address and user name, other environmental factors might be preventing the initial agent deployment. If this happens, you can copy the agent installer, Framepkg.exe, from the ePO server and run it on the client systems. Verifying client software installation Depending on how many products you deployed, the client installation process might take some time to complete. You can verify client installations from the ePO server, or on the client systems by right-clicking the McAfee system tray icon. Use this task to verify client installations from the ePO server. 1 Click Menu | Systems | System Tree, then click Systems on the menu bar. 2 Highlight your Servers or Workstations group. 3 Select individual systems using the checkboxes, or use Select All in this Page or Select All in all Pages. 4 Click Actions | Agent | Wake Up Agents. 5 If you were waking up a large number of systems, adding a few minutes of Randomization is useful. Click OK. 6 After a few minutes, click individual systems. The System Details page provides information about the system, including the installed McAfee software. Revisiting the PUP audit VirusScan policy At this point, the software installation client tasks have run, or are running, and all the policies you created in previous tasks are downloaded. If your test systems have clean, newly installed operating systems, you might not have any PUP detections. For the purpose of this exercise, assume that these items were detected on your clients: • The remote administration tool Tight VNC. • A port scanner called SuperScan. Most PUPs are detected with both the family and name of the application. For instance, the port scanner called SuperScan is detected as PortScan-SuperScan, and TightVNC is detected as RemAdm-TightVNC. This is the basic nomenclature for the "detection names" as provided in ePO reports and local client log files. After completing your audit of PUPs, use this task to create a new policy, based on your existing Unwanted Programs Policy policy, and add any required exclusions. This task uses SuperScan and Tight VNC as examples. You do not need to enter these exclusions now; you can refer back to this example if and when you need to make any actual exclusions. 1 Click Menu | Systems | System Tree, then click Assigned Policies on the menu bar. 2 From the Product drop-down menu, select VirusScan Enterprise 8.7.0. 36 McAfee Total Protection for Endpoint Lab Evaluation Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
than the next communication would occur. It also allows you to force clients to run tasks, such
as an immediate update.
Use this task to verify whether your client systems are communicating with ePolicy Orchestrator.
1
Click
Menu
|
Systems
|
System Tree
, then click
Systems
on the menu bar.
2
Highlight your
Servers
or
Workstations
group.
3
If an IP address and user name are listed, the agent on the client system is communicating
with the server.
4
If five to ten minutes pass and systems do not have an IP address and user name, select
Actions
|
Agent
|
Wake Up Agents
and click
OK
.
If sending a wake-up call fails to retrieve an IP address and user name, other environmental
factors might be preventing the initial agent deployment. If this happens, you can copy the
agent installer,
Framepkg.exe
, from the ePO server and run it on the client systems.
Verifying client software installation
Depending on how many products you deployed, the client installation process might take some
time to complete. You can verify client installations from the ePO server, or on the client systems
by right-clicking the McAfee system tray icon.
Use this task to verify client installations from the ePO server.
1
Click
Menu
|
Systems
|
System Tree
, then click
Systems
on the menu bar.
2
Highlight your
Servers
or
Workstations
group.
3
Select individual systems using the checkboxes, or use
Select All in this Page
or
Select
All in all Pages
.
4
Click
Actions
|
Agent
|
Wake Up Agents
.
5
If you were waking up a large number of systems, adding a few minutes of Randomization
is useful. Click
OK
.
6
After a few minutes, click individual systems. The System Details page provides information
about the system, including the installed McAfee software.
Revisiting the PUP audit VirusScan policy
At this point, the software installation client tasks have run, or are running, and all the policies
you created in previous tasks are downloaded. If your test systems have clean, newly installed
operating systems, you might not have any PUP detections. For the purpose of this exercise,
assume that these items were detected on your clients:
The remote administration tool
Tight VNC
.
A port scanner called
SuperScan
.
Most PUPs are detected with both the family and name of the application. For instance, the
port scanner called SuperScan is detected as
PortScan-SuperScan
, and TightVNC is detected
as
RemAdm-TightVNC
. This is the basic nomenclature for the "detection names" as provided
in ePO reports and local client log files.
After completing your audit of PUPs, use this task to create a new policy, based on your existing
Unwanted Programs Policy
policy, and add any required exclusions. This task uses SuperScan
and Tight VNC as examples. You do not need to enter these exclusions now; you can refer back
to this example if and when you need to make any actual exclusions.
1
Click
Menu
|
Systems
|
System Tree
, then click
Assigned Policies
on the menu bar.
2
From the
Product
drop-down menu, select
VirusScan Enterprise 8.7.0
.
Deploy the McAfee Agent
McAfee Total Protection for Endpoint Lab Evaluation Guide
36