Published on August 17th, 2005
Summary
- The MNE for Mac Remote Provisioning Tool requires a system restart before it can communicate with the ePO server. McAfee Management of Native Encryption (MNE) 4.1.1.x and earlier releases McAfee ePolicy Orchestrator (ePO) Remote Provisioning Tool Mac FileVault For details of MNE supported environments, see KB-79375.
- Jul 30, 2012 How to push the ePO Agent to a MAC wc659. Unsubscribe from wc659? How to Install McAfee Agent 5 0 4 in MAC OS X - Duration: 5:54. Elearninginfoit 9,411 views.
Epo Agent For Mac Os
This article gives the steps to install the McAfee EPO Agent 4.6.x on Mac OS X Lion. Download install.sh from McAfee Share on EPO Server to Mac; Open Terminal; Change directories to where the install.sh file is. Security for Every Endpoint. Our products integrate with Windows Defender and extend threat protection to Windows, macOS, and Linux systems, as well as Android and iOS mobile devices—all through a single-agent architecture.
”McAfee Security ePolicy Orchestrator is an enterprise antivirus management tool. ePolicy Orchestrator is a policy driven deployment and reporting tool for enterprise administrators to effectively manage their desktop and server antivirus products.’
Credit:
‘The information has been provided by Reed Arvin.’
Details
‘Vulnerable Systems:
* Network Associates ePolicy Orchestrator Agent version 3.5.0 (patch 3)
* Network Associates ePolicy Orchestrator Agent version 3.5.0 (patch 3)
The ePolicy Orchestrator Agent web server (which runs on TCP port 8081 by default and serves the McAfee Agent Activity Log) can be used to view files that exist on the same partition with LocalSystem level privileges.
On a default windows installation the ‘C:Documents and SettingsAll UsersApplication DataNetwork AssociatesCommon FrameworkDb’ folder (which is created by the EPO agent and is the folder that serves as the web root for the McAfee Agent Activity Log) includes the NTFS permission Everyone/Full Control.
By using the Junction tool (from SysInternals) available at http://www.sysinternals.com/utilities/junction.html one can create a sub folder in the EPO agent web root directory (as any user) that will allow any file on the same partition to be viewed with LocalSystem level privileges.
Example:
1. Logon to a machine running the EPO agent as any user.
2. Using the Junction tool type the following command:
junction ‘C:Documents and SettingsAll UsersApplication DataNetwork AssociatesCommon FrameworkDbTest’ C:
This creates the equivalent of a virtual folder in the web server root named Test that points to C:
1. Logon to a machine running the EPO agent as any user.
2. Using the Junction tool type the following command:
junction ‘C:Documents and SettingsAll UsersApplication DataNetwork AssociatesCommon FrameworkDbTest’ C:
This creates the equivalent of a virtual folder in the web server root named Test that points to C:
3. Use Internet Explorer to view a restricted file such as:
http://127.0.0.1:8081/Test/WINDOWS/repair/sam
http://127.0.0.1:8081/Test/WINDOWS/repair/sam
The contents of the restricted file will be displayed thanks to the LocalSystem account.’
The information and instructions below only pertain to staff and postgrads in Trinity offices and labs and on the staff Wi-Fi network. If you are a student please visit the TCDconnect requirements for supported anti-virus solutions.
There are two pieces of software staff must install on their Windows PC or Mac to ensure their personal computers and the Trinity network are protected from virus outbreak.
They are: McAfee ePolicy Orchestrator (ePO) Agent & McAfee Endpoint Security.
They are: McAfee ePolicy Orchestrator (ePO) Agent & McAfee Endpoint Security.
Please go to the section for Windows PC or macOS, as applicable, and follow the instructions below to install both on your machine.
Windows PC
Before you begin
- Ensure that McAfee ePolicy Orchestrator (ePO) Agent & McAfee Endpoint Security are not already installed.
- In Windows 8 choose Start - Control Panel and double-click on Programs & Features. In Windows 10 click Start and type 'Add or remove programs' and then select that option
- Scroll through the list and check that McAfee Agent & McAfee Endpoint Security Platform are listed. If so, you already have these programmes and do not need to install further.
- Uninstall any other preinstalled anti-virus software.
- In Windows 8 choose Start - Control Panel and double-click on Programs & Features. In Windows 10 click Start and type 'Add or remove programs' and then select that option
- From the list of applications select the appropriate application to remove and follow the instructions on screen. It is advisable to reboot your PC to allow complete uninstallation of the existing software.
McAfee ePolicy Orchestrator (ePO) Agent
IT Services makes use of an anti-virus management system called McAfee ePolicy Orchestrator which enables us to remotely monitor anti-virus software on client PCs. In the event of a virus outbreak we can force updates on client machines and identify infected machines.
A small ePO 'agent' file is installed on each client PC which reports back details to our ePolicy Server. The agent service runs silently and hidden in the background and has no negative performance effect on any other application. Computers connected to the Trinity data network which have the ePO agent installed can have their virus definitions and Endpoint Security engine automatically updated, and have a daily scan automatically scheduled.
A small ePO 'agent' file is installed on each client PC which reports back details to our ePolicy Server. The agent service runs silently and hidden in the background and has no negative performance effect on any other application. Computers connected to the Trinity data network which have the ePO agent installed can have their virus definitions and Endpoint Security engine automatically updated, and have a daily scan automatically scheduled.
You must be connected to the Trinity data network to process with these steps.
- Save your files and shut down any open programs.
- Launch the ' Run' dialog box by holding down the Windows key and hitting R, or by launching Run from the Start menu
- In the 'Run' dialog box, beside 'Open:' enter the following and click OK:
ntserver-usrVirusPCMcAfeeePO Agent
Or
ntserver-usr.tcd.ieVirusPCMcAfeeePO Agent - Double click the FramePkg file and at the User Account Control window, Select Allow or Yes
- When the McAfee agent and Updater setup is complete click OK to 'Setup completed Successfully'
Installing McAfee Endpoint Security (ENS) for Windows
Uninstalling Other Antivirus Software
- If you have any other security software installed on your computer, you must uninstall it first before installing ENS. Please follow the directions in “Before you Begin” to do this.
Manual Installation of Endpoint Security
- Install the ePO Agent, using the steps in the section above 'Installing McAfee ePO Agent on Windows PC'
- Once the ePO Agent has been installed, and once your PC is connected to the College network, then McAfee ENS will be automatically installed within 15-30 minutes.
The software is automatically configured to receive daily updates from a central server.
Run the Update Task
![Mcafee Mcafee](/uploads/1/1/7/8/117849601/303625268.jpg)
The Auto update task automatically checks for Anti-Malware and engine updates on a daily basis. When an emergency update is required, IT Services will push the new update to all networked machines.
To manually run the Auto Update task:
To manually run the Auto Update task:
- In Windows 10, Right click on the McAfee shield in the system tray and select McAfee Endpoint Security as illustrated to the right.
- Once the Endpoint Security interface opens click button to update the security software
- When the update completes click Close.
Scan for Threats
A weekly Full Scan is configured to run every Thursday afternoon, the scan is managed by the McAfee ePO server and cannot be cancelled or modified.
ENS is continually running an ‘on access scan’ in the background.
If you wish to run a scan you access the ENS interface as outlined above.
ENS is continually running an ‘on access scan’ in the background.
If you wish to run a scan you access the ENS interface as outlined above.
Once you have accessed the interface click on you will then be presented with the following options for Quick Scan or Full Scan
To scan external media (such as memory keys or external hard drives):
- Insert the external media
- Click Start - Computer
- Right click on the drive letter the media is connected to and click on ‘Scan for threats…’
macOS
Before you begin
- Ensure that McAfee ePolcy Orchestrator (ePO) Agent & McAfee Endpoint Security are not already installed.
- To check this check the top right of the screen to see if there is a McAfee shield displayed as illustrated
- If this is not displayed then neither the ePO agent or Endpoint Security is installed on your Mac
- Uninstall any other preinstalled anti-virus software.
McAfee ePolicy Orchestrator (ePO) Agent
IT Services makes use of an anti-virus management system called McAfee ePolicy Orchestrator (ePO) which enables us to remotely monitor anti-virus software on client PCs and Macs. In the event of an outbreak we can force updates on client machines and identify infected machines.
A small ePO 'Agent' file is installed on each client PC and Mac which reports back details to our ePO Server. The agent service runs silently and hidden in the background and has no negative performance effect on any other application. Computers connected to the Trinity data network which have the ePO agent installed can have their virus definitions and Endpoint Security engine automatically updated, and have a daily scan automatically scheduled. The installation of this ePO Agent is a pre-requisite for connection to the College network in offices and labs.
You must be connected to the Trinity data network (wired or Wi-Fi) to proceed with these steps.
- On your Mac desktop click Go on the top menu and select Connect to server
- Enter the following server address:
smb://ntserver-usr/Virus/Mac/ePO Agent
and, when prompted, enter your Trinity Username and Password - Copy the McAfeeSmartInstall.app.zip file to your Mac desktop.
- Double click the zip file to Extract the installer
5. Double click the ‘McAfeeSmartInstall’ to install the software, you should get the following window
6. Within 10 minutes you should see the McAfee menu icon appear
7. You may get one of the following notifications
8. To remedy this first choose Apple Icon - System Preferences - Security & Privacy, then choose ‘Allow’ beside ‘System software from developer ‘McAfee, Inc.’ was blocked from loading’.
9. Within the Security & Privacy Preferences choose the Privacy tab and check the box beside the two processes ‘VShieldScanner’ and ‘fmpd’
10. Next, click the + sign, hold Cmd+Shift+g to launch the ‘Go To Folder’ box, and then enter this folder location:
/usr/local/McAfee/Antimalware/
Choose the file ‘VShieldService’ and then choose Open.
/usr/local/McAfee/Antimalware/
Choose the file ‘VShieldService’ and then choose Open.
11. Click the + sign again and this time choose the file ‘VShieldTaskManager’ and then choose Open.
12. If 'VShieldScanner' isn't already listed then click the + sign again and this time choose the file ‘VShieldScanner’ and then choose Open.
13. If 'fmpd' isn't already listed then click the + sign again, hold Cmd+Shift+g to launch the ‘Go To Folder’ box, and then enter this folder location:
/usr/local/McAfee/fmp/bin64/
Choose the file 'fmpd' and then choose Open.
12. If 'VShieldScanner' isn't already listed then click the + sign again and this time choose the file ‘VShieldScanner’ and then choose Open.
13. If 'fmpd' isn't already listed then click the + sign again, hold Cmd+Shift+g to launch the ‘Go To Folder’ box, and then enter this folder location:
/usr/local/McAfee/fmp/bin64/
Choose the file 'fmpd' and then choose Open.
14. Make sure all 4 items shown below are selected, and then close the Security & Privacy Preferences
Follow the steps below to run a scan on MacOS.
- Click on the McAfee menu and select Console
- Under Activity select Scan Now, from here you can select what to scan before clicking on the Start Scan button.
The FAQs below relate to McAfee Endpoint Protection for Mac version 2.1 that can be installed on macOS 10.7 and later
Mcafee Agent For Mac Mer
Problems Installing McAfee ePO Agent for Mac?
When trying to open McAfee Agent for Mac.pkg you may receive the following error:
“McAfee Agent for Mac' can't be opened because it is from an unidentified developer
This error occurs because Gatekeeper options are set to 'Mac App Store and identified developers'. GateKeeper options can be found in System Preferences - Security & Privacy - ‘General’ Tab. If you are getting a security warning then the problem is that the package is not trusted. There are a few methods to work around this.
“McAfee Agent for Mac' can't be opened because it is from an unidentified developer
This error occurs because Gatekeeper options are set to 'Mac App Store and identified developers'. GateKeeper options can be found in System Preferences - Security & Privacy - ‘General’ Tab. If you are getting a security warning then the problem is that the package is not trusted. There are a few methods to work around this.
- The simplest and easiest way is to control-click (or right-click) the downloaded app. Select Open from the top of contextual menu that appears. On the ensuing dialogue box, choose ‘Open’ as well. Note that this will exempt this file from Gatekeeper. Enter an Administrator username and password if prompted.
- Change setting to allow applications downloaded from Anywhere to be installed. This is the least safe method, and is not normally recommended. All downloaded apps will no longer be stopped or checked for authenticity by Gatekeeper. This will allow you to run any downloaded piece of software (but will still warn you that you are opening a potentially unsafe program).
Once the application has started to install continue from Step 5 in the installation instructions above.
To get more details on GateKeeper please see the Apple support site below ->
http://support.apple.com/kb/ht5290
To get more details on GateKeeper please see the Apple support site below ->
http://support.apple.com/kb/ht5290
How do I check if the virus definitions are up to date?
- Launch McAfee Endpoint Protection for Mac Console via the red McAfee shield icon in the system tray at the top right of the screen.
- Select Update now from the list on the left hand side
- The current installed update details will be shown and the important items are the DAT Version and the DAT Creation Date
How do I manually update my Virus Definitions?
- Launch McAfee Endpoint Protection for Mac Console via the red McAfee shield icon in the system tray at the top right of the screen.
- Select Update now from the list on the left hand side.
- On the right select Start Update and when the Update in Progress is complete you can close the console.
Some Items have Yellow Exclamation signs in the Console Dashboard
Epo Agent For Mac Download
McAfee Endpoint Protection for Mac that is used for College only enforces the Scanning functionality of the application. This includes the On-Access Scan and the Spyware Scan. In the Dashboard these items will have checkmarks beside them. The two options not enforced are Application Protection and Desktop Firewall and these will have a Yellow Exclamation mark beside them when looking at the Dashboard.
When I check the Update Schedule the option is set to Never
When the McAfee ePO Agent for Mac (as per instructions above) is installed it manages the update schedule for McAfee Endpoint Protection for Mac.To avoid the update running twice in one day the Agent disables the Update process and uses its own task to manage updates.
How do I uninstall McAfee ePO Agent for Mac?
- Switch to Finder and chose Go - Utilities from the main menu. Double click on Terminal to open the Terminal window and run the command below
- sudo /library/mcafee/cma/uninstall.sh
- When you hit enter you will be prompted for a password. This will be the local Mac administrator password. The administrator account is a standalone account for the Mac which you will have configured when first setting up the Mac, and is not related to your Trinity network login password. Note that the characters will not appear on screen as you are typing them in.
- You should get a message in the Terminal window that states that Agent Uninstalled
- You can then close the Terminal application.
How do I uninstall McAfee Endpoint Protection for Mac?
- Switch to Finder and chose Go - Utilities from the main menu. Double click on Terminal to open the Terminal window and run the command below
sudo /usr/local/McAfee/uninstall EPM
Please note that the uninstall command is case sensitive - When you hit enter you will be prompted for a password. This will be the local Mac administrator password. It is a standalone account for the Mac which you will have configured when first setting up the Mac and is not related to your Trinity network login password. Note that the characters will not appear on screen as you are typing them in.
- You should get a message in the Terminal window that states that Product has been uninstalled Successfully
- You can then close the Terminal application. Please restart your Mac to complete the uninstallation.