Release Notes for McAfee Agent 4.5 Patch 1 For Windows

(1)

Release Notes for McAfee Agent 4.5 Patch 1 For Windows

About this Document

About this release System requirements Rating Purpose Known issues Resolved issues Installation instructions

Allowing users to configure proxy settings Changes in the ePolicy Orchestrator console Changes in the VirusScan console

Finding documentation for McAfee enterprise products License Attributions

About this Document

Thank you for using McAfee Agent software version 4.5. This document contains important information about this release. We strongly recommend that you read the entire document.

About this release

Patch Release: June 16, 2010 Agent Extension Build: 4.5.0.171

Agent Patch Package For Windows Build: 4.5.0.1499 This release was developed for use with:

Data Loss Prevention 2.1, 2.2 and 3.0 Data Loss Prevention Network 8.5 and 8.6 Endpoint Encryption for Files and Folders 3.1.0 Endpoint Encryption for PC 6.0

Encrypted USB 1.2

ePolicy Orchestrator 4.0 and ePolicy Orchestrator 4.5 GroupShield Exchange 7.0.X

GroupShield Domino 7.0.X

McAfee Anti-Spam for GroupShield 7.0 McAfee Quarantine Manager 6.0

McAfee Security for Microsoft SharePoint 2.0.X McAfee Security for Microsoft Exchange 7.5 Network Access Control 3.0, 3.1, 3.2 Policy Auditor 5.1 and 5.2

SiteAdvisor Enterprise 1.7, 2.0 and 3.0 McAfee Host Intrusion Prevention System 7.X Solidcore 5.0 and 5.0.1

VirusScan Enterprise 8.5i (Patch 7 and above) and 8.7i (with AntiSpyware Enterprise) VirusScan Enterprise — SAP 1.0.1

VirusScan Enterprise — Storage 1.0 Patch 1

(2)

Make sure you have installed the correct version(s) before using this release.

System requirements

This section specifies the system requirements for McAfee Agent 4.5 Patch 1 Installed disk space — 29-32 MB, excluding log files

Memory — 256 MB RAM minimum Processor Speed – 500 MHz minimum

Processor — Intel or compatible; Intel Pentium or Celeron; Itanium 2 processors Operating systems:

Windows 2003 Server, Standard Edition, SP 1 or 2 Windows 2003 Server, Enterprise Edition, SP 1 or 2 Windows 2003 Server, Web Edition, SP 1 or 2

Windows 2003 Server R2, Standard Edition, SP 1 or 2 Windows 2003 Server R2, Enterprise Edition, SP 1 or 2 Windows 2003 Server R2, Web Edition, SP 1 or 2 Windows 2003 Server, Standard x64 Edition, SP 2 Windows 2003 Server, Enterprise x64 Edition, SP 2 Windows 2003 Server R2, Standard x64 Edition, SP 2 Windows 2003 Server R2, Enterprise x64 Edition, SP 2 Windows XP Home, SP 2 or 3 Windows XP Professional, SP 2 or 3 Windows XP Professional, x64 SP 2 or 3 Windows XP Tablet PC 2005 Windows Vista, SP 1 or 2 Windows Vista x64, SP 1 or 2 Windows Server 2008 Windows Server 2008 x64 Windows Server 2008 R2 Windows Server 2008 R2 x64 Windows 7 Windows 7 x64

This release does not support Windows 95, Windows 98, Windows Millennium Edition, Windows NT, Windows 2000 and Windows XP SP1.

Rating

McAfee recommends this release for all environments. This update should be applied at the earliest convenience. For more information, see KB article KB51560.

Purpose

This document supplements the McAfee Agent 4.5 Readme file in the release package, and details fixes included in McAfee Agent 4.5 Patch releases.

This Patch contains a variety of improvements. McAfee has spent a significant amount of time finding, fixing, and testing the fixes in this release. Please review the Known and Resolved Issues lists for additional information on the individual issues. Refer to online Knowledge Base article KB65953 at McAfee Knowledge Base for the most current information regarding this release.

Known issues

Known issues in this release of the software are described below:

1. Issue: Software deployments fail from a local (non-ePO managed) repository, when the local repository has an older catalog.z version. (Reference: 545950)

Resolution: McAfee Agent 4.5 Hotfix 545950 for Microsoft Windows is being developed for this issue. Please see KB67977 for details.

(3)

Update Task screen, with no version number (Reference: 548892)

Workaround: There is no known workaround for this.

Resolved issues

Issues that are resolved in this release are listed below.

1. Issue: The McAfee Agent was vulnerable to the issue described in Security Bulletin SB10002, McAfee Security

Bulletin - ActiveX security issue in CMA and McAfee Agent. (Reference: 528597)

Resolution: The McAfee Agent upgrade process has been updated to implement the required registry modifications. 2. Issue: The McAfee Agent failed to display the agent icon, show the agent status monitor, enforce policies, or run

tasks in environments enforcing reduced DCOM privileges. (Reference: 502250)

Resolution: The McAfee Agent now applies “connect” rather than “anonymous” as the required level of DCOM security authentication.

3. Issue: The McAfee Agent Policy \ Updates section did not allow the ability to install product patches from the

Previous or Evaluation Branch. (Reference: 392871) Resolution: The Policy Section now includes Patches.

4. Issue: The agent would read from the point product list in the registry and check whether NaPrdMgr.exe needed

to be restarted once a minute. This could prevent the computer from going into a low power state. (Reference:503403)

Resolution: The agent now only reads from the registry list when it detects a registry change and only checks whether NaPrdMgr.exe needs a restart at policy enforcement time.

5. Issue: The McAfee Agent 4.5 did not provide an embedded credential installation package options (Reference:

529171)

Resolution: A separate ePO check in package is provided with McAfee Agent Patch 1 that supports creation of embedded credentials packages. An embedded credential installation package is now available. The embedded credential package is separate from the General Use package. If you require the use of embedded credentials, please download the MA450P1Win_EMBEDDED.zip from the McAfee download site or the McAfee ServicePortal.

NOTE: The packages are different to accommodate both customers that need embedded credentials and those that do not. Using embedded credentials requires the compiled package size to increase several megabytes. This can be a significant issue in some environments. This is the only difference between the two packages.

For Best Practice recommendations, see KB65538 - Important information on using Embedded Credentials

6. Issue: Event ID 4354 would appear as a warning message in the Application Event log after installing MA 4.5

(Reference: 529456).

Resolution: This message no longer appears.

7. Issue: When upgrading the McAfee Agent to version 4.5 from version 4.0, the message "New MAC address was

found...regenerating Agent ID." (Reference: 486102) Resolution: This message no longer appears.

8. Issue: When McAfee Agent 4.0 or 4.5 were installed, the VirusScan mirrorlog.txt no longer contained success or

failure messages (Reference: 491845).

Resolution: Logging functions have been restored to the mirrorlog.txt file.

9.Issue: If an Agent was configured to use an FTP or HTTP repository with credentials containing the characters '@', '/', or ':', the Agent would fail to authenticate with the repository as if the username and passwords were incorrect. (Reference: 491907)

Resolution: The Agent now supports any legal character combination for repository credentials.

10.Issue: Agent installation would sometimes fail if a site list had a very large number of sites. (Reference: 495083) Resolution: The time out on the site list installation program has been increased to allow larger site lists.

(4)

properties.(Reference: 524763)

Resolution: Portable computers are now identified properly.

12.Issue: On multiple monitor systems, the Agent dialog boxes would sometimes appear behind other open applications on the desktop.(Reference: 489716)

Resolution: Agent windows are now always visible when opened.

13.Issue: The Agent tray icon did not reappear if the explorer.exe process crashed and was restarted.(Reference: 504672)

Resolution: The Agent icon is now automatically restarted in this case.

14.Issue: While adding a site in the repository list through a point product UI, there was a memory leak in the McAfee Agent application.(Reference: 543855)

Resolution: There is no longer a memory leak.

15.Issue: When the McAfee Agent failed to connect to ePolicy Orchestrator the server rejected the connection during a McAfee Agent “Wakeup with Full Properties” request, the McAfee Agent would only send incremental properties the next time properties were uploaded. (Reference:528590)

Resolution: McAfee Agent “Wakeup with Full Properties” requests are now retried until successfully sent to the ePolicy Orchestrator server.

16.Issue: When directed to use a language other than the system default through the “UseLanguage” feature, the reported language remained the system default language.

Resolution: The McAfee Agent now properly reports the language in use.

17.Issue: The /upgrade agent installer switch updated the agent binaries, but did not remove or upgrade obsolete data from previous installs.(Reference: 528592)

Resolution: /upgrade switch now properly alters both the agent binaries and data as appropriate.

18.Issue: If certain system folders (e.g., Documents, Desktop, or Start Menu) were located on a network drive, the install would fail. The upgrade process was checking for the existence of the My Favorites and Fonts folders. If they were not present, the upgrade failed. (Reference: 528595)

Resolution: The install will no longer fail in this circumstance.

19.Issue: It was incorrectly possible to schedule an Update Task with the Engine selected but no DAT.(Reference: 528573)

Resolution: You must now select the update DATs when updating the Engine.

20.Issue: The error message "Failed to OpenProcess. Error code 57" would appear in the agent log on 64-bit Windows when no user was logged on. This message was incorrect because no error actually occurred. Resolution: The message no longer appears.

21.Issue: When the Update process failed to download a requested file and failed over to a subsequent repository, a DAT or Engine update could fail. (Reference: 528587)

Resolution: The Update process now allows DAT or Engine updating to complete when failing over to a subsequent repository.

22.Issue: The McAfee Agent did not support the ePolicy Orchestrator Duplicate List feature. (Reference: 528599) Resolution: The McAfee Agent now supports the ePolicy Orchestrator Duplicate List feature.

23. Issue: The McAfee Agent installation process would fail when the current user's user name contained non-ASCII

(ex. Japanese) characters. (Reference: 528582)

Resolution: The McAfee Agent installation process now allows user names to contain non-ASCII characters. 24.Issue: When policy enforcement occurred while the repository was being sorted, the McAfee Agent would leak virtual memory. (Reference: 528594)

Resolution: The McAfee Agent no longer leaks memory when enforcing policies during a repository sort. 25.Issue: The McAfee Agent did not allow deployment tasks to be postponed. (Reference: 528589)

(5)

Resolution: The McAfee Agent now allows deployment tasks to be postponed.

26.Issue: Damaged or missing McAfee Agent Policy and Task values would create Unexpected Exceptions when displayed in the ePolicy Orchestrator console. (Reference: 528578)

Resolution: When the ePolicy Orchestrator console displays McAfee Agent Policies or Tasks it now replaces damaged or missing values with appropriate default values.

27.Issue: If the agent failed over to a second repository during an update, a second update dialog was displayed after the initial dialog. (Reference:528586)

Resolution: The agent now only shows one dialog per update.

28.Issue: Use of the /ForceUninstall parameter on Windows 7 may result in a reboot prompt. (Reference: 528581) Resolution: The reboot prompt no longer appears in this scenario.

29.Issue: The Agent could deploy software to Windows 7 systems even if the software's supported platform list did not include Windows 7.(Reference: 529485)

Resolution: In this case the Agent now properly reports a product conflict and does not deploy the software. 30. Issue: Tasks created using previous versions of the Agent Extension were not run on Windows 7

machines.(Reference: 523299)

Resolution: The Agent Extension will automatically upgrade existing Windows tasks to also support Windows 7. 31.Issue: If you allowed user postponement of a Deployment or Update task, the postpone dialog would appear at the beginning of task execution, before the task determined if any deployment or update was actually

necessary.(Reference: 525196)

Resolution: The dialog now only appears after the task determines that a download or installation is required. There is also a new text box on the Deployment and Update task screens in the ePolicy Orchestrator console that allows you to enter explanatory text to display in the update dialog box shown on the client.

32. Issue: When agent unloaded a plugin it would not call the plugin’s exit routine. (Reference: 547679)

Resolution: Now, the agent calls the exit routine of the plugin.

32.Issue: If a download of large files such as DATs from a SuperAgent was slow due to a slow connection, the files would be locked when the ePO server tried to delete them on replication, so they would never get

deleted.(Reference:482699)

Resolution: SuperAgents now allow files to be deleted even when it is downloading them at the same time.

33. Issue: In the McAfee Agent extension if you added a Local repository policy, saved it, then changed it to be a

UNC repository, the relative path of the Local repository would still be preserved. The agent would add it to the UNC path, resulting in an invalid UNC path.(Reference: 520485)

Resolution: When you add or change a UNC repository policy, it now always clears the relative path.

34.Issue: For low privilege users or the Guest account, if the 'Show Agent Tray Icon' policy was enabled, a new non-functional Agent icon appeared and a new UdaterUI.exe process was launched at every policy

enforcement.(Reference: 513048)

Resolution: The Agent tray icon processes do not run for users with privilege less than that of a normal user account.

35. Issue: The agent installer would not install if the supplied SiteList.xml file contained an SPIPE site that was

disabled.(Reference: 507137)

Resolution: The agent installer now installs even if the SPIPE site is disabled.

36.Issue: When upgrading the agent to MA 4.5 or reinstalling MA 4.5 a new lpcRT_<unique string> would be created in the agent install directory, but the original directory would not be removed.(Reference: 489375) Resolution: The lpcRT_ directory from the previous version is now removed.

37. Issue: For low privilege users or the Guest account, while the Agent tray icon process is running, any USB or

other removable drive did not appear in Windows Explorer when plugged in.(Reference: 518694)

(6)

account.

38. Issue: "The McShield service hung during startup" (system event 7022) would sometimes appear in the Windows

event log during startup when McAfee Agent 4.5 and VirusScan Enterprise 8.7 were installed.(Reference: 542703) Resolution: This event should now appear less frequently.

Installation instructions

This section provides instructions for installing and upgrading McAfee Agent 4.5 P1 for use with ePolicy Orchestrator versions 4.0.X and 4.5.X

Tasks

Installing on ePolicy Orchestrator 4.0.X systems Installing on ePolicy Orchestrator 4.5.X systems

Installing on Windows using third-party deployment methods Upgrading

Installing, upgrading and uninstalling using Windows command-line switches

Installing on ePolicy Orchestrator 4.0.X Systems

This section provides instructions for installing McAfee Agent 4.5 P1 for use with ePolicy Orchestrator version 4.0.x on each of the supported operating systems.

Installing on Windows using ePolicy Orchestrator 4.0.X

You must have administrator rights to perform this task.

1. Download the current agent extension, EPOAGENTMETA.zip, and the Patch 1 agent package, MA450P1WIN.zip, to

the system containing the ePolicy Orchestrator server. 2. Install the agent extension:

a. In the ePolicy Orchestrator 4.0 console, click Configuration.

b. On the Extensions tab, click Install extension.

c. Browse to the location containing EPOAGENTMETA.zip, select it and click OK. The Install Extensions

summary page appears.

d. Click OK to complete the installation of the extension.

3. Check in the agent package to the ePolicy Orchestrator repository.

a. In the ePolicy Orchestrator 4.0 console, click Software.

b. Click Master Repository

c. Click Check in Package.

d. Browse to the location containing MA450P1WIN.zip, select it and click Next.

e. Ensure that Current is selected in the Branch field.

f. Click Save

4. Use one of these methods to install the agent on client systems:

a. Push an agent using the Send Agent Install option.

b. For third-party deployment methods, create an agent installation package, FramePkg.exe, using the

(7)

c. Create a deployment task.

Installing on ePolicy Orchestrator 4.5.X systems

This section provides instructions for installing McAfee Agent 4.5 P1 for use with ePolicy Orchestrator 4.5 on Windows and Non-Windows using two different methods.

Tasks

Installing on Windows using ePolicy Orchestrator 4.5.X

You must have administrator rights on the Windows system to perform this task. The agent extension must be installed on the ePolicy Orchestrator server before the agent is installed on any clients.

the system containing the ePolicy Orchestrator server. 2. Install the agent extension:

a. In the ePolicy Orchestrator 4.5 console, click Menu | Software.

b. On the Extensions tab, click Install extension.

3. Check in the agent package to the ePolicy Orchestrator repository:

Note: If installing on a computer running Common Management Agent 3.6, the package must be checked in to the Current repository branch.

a. In the ePolicy Orchestrator 4.5 console, click Menu | Software | Master Repository

b. Click Check In Package.

c. Browse to the location containing MA450P1WIN.zip, select it and click Next.

d. Ensure that Current is selected in the Branch field.

e. Click Save.

4. Create a deployment task or push the agent to client systems. If using the push method, follow these steps:

a. In the ePolicy Orchestrator 4.5 console, click Menu | Systems.

b. Select the target systems or groups.

c. Click Deploy Agent.

d. Select the version of the agent to be deployed.

e. Type valid credentials in the Domain, User name, and Password fields.

f. Click OK.

Installing on Windows using third-party deployment methods

The agent extension must be installed on the ePolicy Orchestrator server before the agent is installed on any clients. Tip: This task requires the creation of an agent installation package, FramePkg.exe (see Step 4). Installation of the package requires administrator rights.

(8)

2. Install the agent extension:

a. In the ePolicy Orchestrator console,

i. For 4.5 – Click Menu | Software | Extensions. ii. For 4.0 – Click Configuration | Extensions.

b. Click Install extension.

3. Using the ePolicy Orchestrator console, check in the agent package to the Current (default) repository branch.

4. Create an installation package:

a. In the ePolicy Orchestrator console

i. For 4.5 – Click Menu | Systems. ii. For 4.0 – Click Systems.

b. At the bottom of the System Tree, click New Systems.

c. Select Create and download the agent installation package.

d. Deselect Use Credentials.

e. Click OK. The Download file dialog box opens.

f. Select FramePkg.exe and save it to the desktop.

5. Note the location of the downloaded FramePkg.exe to identify it when using your third-party deployment system.

You can add parameters and switches as allowed by your deployment system. For a list of available parameters, see Installing, upgrading and uninstalling using Windows command-line switches.

Upgrading

This section provides instructions for upgrading the agent from versions 3.6, 4.0 and 4.5 to McAfee Agent 4.5 Patch 1.

Upgrading on Windows using FramePkg_upd.exe

You must have administrator rights to perform this task.

1. Download and extract the MA 4.5 Patch 1 agent package, MA450P1WIN.zip, to a temporary location.

2. Copy FramePkg_upd.exe to a location on the target client.

3. From the command line on the client, type <path> /FramePkg_upd.exe /upgrade, where <path> is the location

containing the copied file. This command is the equivalent of double-clicking FramePkg_upd.exe in the folder containing the installation package.

Installing, upgrading and uninstalling using Windows command-line switches

This section describes using selected command-line and MSI parameters to specify installation and upgrading preferences. Use the list of tasks as a menu from which to select those that suit your circumstances and preferences.

Tasks

Installing the agent and data in their default locations using default site list and key information Installing the agent in specified folders

Installing the agent with user-selected policies Installing the agent and specifying the log folder

Installing the agent with user-selected site information and user-selected keys Installing the agent by force

(9)

Installing without requiring specific user privileges Installing silently

Installing with specification of interface and log file language Upgrading Windows agent to a new version

Uninstalling the Windows agent

Converting from unmanaged mode to managed mode Converting from managed mode to unmanaged mode Changing server

Installing the agent and data in their default locations using default site list and key

information

Use this command to install the agent, site list and keys in their default locations. This command is the equivalent of double-clicking the program file in the installation package.

framepkg.exe

Installing the agent in specified folders

Use this command to install the agent in a folder other than the default. The example shown here specifies a folder for the installation files (instdir) and a folder for the data files (datadir). These can be the same or different folders.

framepkg.exe /install=agent /instdir=<target folder name> /datadir=<target folder name>

Installing the agent with user-selected policies

Use this command for installation and upgrade to include policies selected by the administrator rather than the default policies.

framepkg.exe /install=agent /agentpolicy=<full path of user-defined server.bin file>

Note: Policies are stored in the server.bin file.

The following steps illustrate how to create a server.bin file:

1. Configure the policies on an ePolicy Orchestrator server.

2. Enforce the policies on a selected client. The client’s server.bin file now includes the user-selected policies. The

server.bin can be found on the client at Documents and Settings\All Users\Application Data\McAfee\Common Framework.

3. Copy the new server.bin file from the client to a shared location.

Installing the agent and specifying the log folder

Use this command to install the agent in its default location and specify a log file other than the default log file as the record of the agent’s activities.

framepkg.exe /install=agent /logdir=<target folder name>

Note: The /logdir parameter can be appended to other installation commands.

Installing the agent with user-selected site information and user-selected keys

Use this command to install the agent and specify a site list file and security keys (srpubkey.bin and reqseckey.bin) other than the defaults. This command is useful when upgrading an agent using FramePkg_upd.exe. It specifies the server with which the agent communicates, irrespective of the site information embedded in the original installation package.

framepkg.exe /install=agent /siteinfo=<full path of sitelist.xml>

The security keys must be located in the same folder as the site list. Use ePolicy Orchestrator to export the files: 1. Export the Sitelist file:

(10)

a. Select Software | Master Repository.

b. Click Export Sitelist.

c. Save the file to a new location.

2. Export the security keys:

a. Select Configuration | Server Settings | Security Keys, and click Edit.

b. Select Master Agent-server secure communication key, and click Export.

c. Save the files to the same location as the Sitelist file.

Installing the agent by force

Use this command to delete the currently installed agent and force install a different agent only when: Downgrading to an earlier version of the agent.

Changing the names of the folders that contain the agent. Restoring the agent’s settings to a default state.

framepkg.exe /install=agent /forceinstall

Note: McAfee strongly advises that you only use /forceinstall to install the McAfee Agent under the conditions stated above, because the command:

Deletes current program files and restores data files to a default state. As a result, all user-configured repositories and user-created tasks are lost.

Removes the currently installed agent and introduces the risk that installation of the replacement agent could fail. As a result, one or more systems could have no agent at all.

Sometimes requires a restart of the system.

Installing without requiring specific user privileges

Use this command to allow all users access to agent files and registry, regardless of their user privileges. framepkg.exe /install=agent /defaultpermissions

Installing silently

Use this command to install the agent without displaying information dialog boxes on the client. framepkg.exe /install=agent /s or framepkg.exe /install=agent /silent

Installing with specification of interface and log file language

Use this command to install the agent and specify a language other than the target computer’s native language. framepkg.exe /install=agent /uselanguage=<language code>

Language codes are:

Language Code Chinese (Simplified) 0804 Chinese (Traditional) 0404 Dutch 0413 English 0409 French 040C

(11)

German 0407 Italian 0410 Japanese 0411 Korean 0412 Polish 0415 Portuguese 0416 Spanish 040A Swedish Russian 041D 0419

Note: To restore the computer’s native language, type /resetlanguage

Upgrading the Windows agent to a new version

Use either of these commands to upgrade the agent to a new version. framepkg_upd.exe or framepkg.exe /upgrade

Using these commands is the equivalent of double-clicking FramePkg_upd.exe in the installation package.

Uninstalling the Windows agent

Some managed products, such as McAfee VirusScan Enterprise and McAfee Host Intrusion Prevention, incorporate their own copies of the agent.

Disconnect the agent from its ePO server, and if there are no point-products using it for updating, remove it completely:

frminst.exe /remove=agent

Remove the agent completely, but only if it is not connected to an ePO server and no point-products are using it for updating:

frminst.exe /uninstall

Remove the agent completely, even if it is connected to an ePO server or point-products are using it for updating: frminst.exe /forceuninstall

Converting from unmanaged mode to managed mode

Use this task to convert a client currently operating in unmanaged mode to managed mode.

If the sitelist.xml file is from ePolicy Orchestrator 4.0.0 or later, the security keys must be located in the same folder as the site list.

frminst.exe /install=agent /siteinfo=<full path of target server’s sitelist.xml file>

Converting from managed mode to unmanaged mode

Use this task to convert a client currently operating in managed mode to unmanaged mode. frminst.exe /remove=agent

(12)

Use this task to change the server with which a client communicates. The security keys must be located in the same folder as the site list. frminst.exe /siteinfo=<full path of target server’s sitelist.xml file>

Allowing users to configure proxy settings

Laptop users of Windows can configure proxy settings for downloading McAfee VirusScan Enterprise updates while in the field. This requires making changes in the ePolicy Orchestrator console and in the VirusScan console. The ePolicy Orchestrator changes must be completed before making the VirusScan changes.

Tasks

Changes in the ePolicy Orchestrator console Changes in the VirusScan console

Changes in the ePolicy Orchestrator console

You must have ePolicy Orchestrator administrator rights to perform this task.

1. Select Systems | System Tree and select or create the systems where proxy settings are to be allowed.

2. Select Systems | Policy Catalog.

3. In the Product field, select McAfee Agent.

4. In the Category field, select General.

5. Select a policy (for example, “My Default”) and click “Edit.”

6. Click Proxy.

7. Select “Use Internet Explorer settings (Windows only),” then select “Allow user to configure proxy settings.” The

new policy is enforced at the next agent-to-server communication interval (ASCI). Alternatively, you can trigger enforcement by invoking an agent wake-up call. See the ePolicy Orchestrator Product Guide for instructions.

Changes in the VirusScan console

Any remote user who can access VirusScan Enterprise can perform this task.

1. From the Tools menu of the VirusScan Console, select Edit AutoUpdate Repository List.

2. Select the Proxy settings tab.

3. Select “Use Internet Explorer settings (Windows only),” then select “Allow user to configure proxy settings.”

4. Click Configure, then supply the required HTTP or FTP information, then click OK.

Finding documentation for McAfee enterprise products

1. Go to the McAfee ServicePortal (mysupport.mcafee.com) and, under Support by Reading, click Product

Documentation. 2. Select a Product.

3. Select a Version.

4. Select a product document.

License attributions

This product includes or may include:

(13)

written by Eric A. Young and software written by Tim J. Hudson | Some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires that for any software covered under the GPL, which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that McAfee provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein. * Software originally written by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer. | Software originally written by Robert Nordier, Copyright © 1996-7 Robert Nordier. | Software written by Douglas W. Sauder. | Software developed by the Apache Software Foundation (http://www.apache.org/). A copy of the license agreement for this software can be found at www.apache.org/licenses/LICENSE-2.0.txt. | International Components for Unicode (“ICU”)

Copyright © 1995-2002 International Business Machines Corporation and others. | Software developed by CrystalClear Software, Inc., Copyright © 2000 CrystalClear Software, Inc. | FEAD® Optimizer® technology, Copyright Netopsystems AG, Berlin, Germany. | Outside In® Viewer Technology © 1992-2001 Stellent Chicago, Inc. and/or Outside In® HTML Export, © 2001 Stellent Chicago, Inc. | Software copyrighted by Thai Open Source Software Center Ltd. and Clark Cooper, © 1998, 1999, 2000. | Software copyrighted by Expat maintainers. | Software copyrighted by The Regents of the University of

California, © 1996, 1989, 1998-2000. | Software copyrighted by Gunnar Ritter. | Software copyrighted by Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A., © 2003. | Software copyrighted by Gisle Aas. © 1995-2003. | Software copyrighted by Michael A. Chase, © 1999-2000. * Software copyrighted by Neil Winton, © 1995-1996. | Software copyrighted by RSA Data Security, Inc., © 1990-1992. | Software copyrighted by Sean M. Burke, © 1999, 2000. | Software copyrighted by Martijn Koster, © 1995. | Software copyrighted by Brad Appleton, © 1996-1999. | Software copyrighted by Michael G. Schwern, © 2001. | Software copyrighted by Graham Barr, © 1998. | Software copyrighted by Larry Wall and Clark Cooper, © 1998-2000. | Software copyrighted by Frodo Looijaard, © 1997. | Software copyrighted by the Python Software Foundation, Copyright © 2001, 2002, 2003. A copy of the license agreement for this software can be found at www.python.org. | Software copyrighted by Beman Dawes, © 1994-1999, 2002. | Software written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G. Siek © 1997-2000 University of Notre Dame. | Software copyrighted by Simone Bordet & Marco Cravero, © 2002. | Software copyrighted by Stephen Purcell, © 2001. | Software developed by the Indiana University

Extreme! Lab (http://www.extreme.indiana.edu/). | Software copyrighted by International Business Machines Corporation and others, © 1995-2003. | Software developed by the University of California, Berkeley and its contributors. | Software developed by Ralf S. Engelschall <[email protected]> for use in the mod_ssl project (http:// www.modssl.org/). | Software copyrighted by Kevlin Henney, © 2000-2002. | Software copyrighted by Peter Dimov and Multi Media Ltd. © 2001, 2002. | Software copyrighted by David Abrahams, © 2001, 2002. See http://www.boost.org/libs/bind/bind.html for documentation. | Software

copyrighted by Steve Cleary, Beman Dawes, Howard Hinnant & John Maddock, © 2000. | Software copyrighted by Boost.org, © 1999-2002. | Software copyrighted by Nicolai M. Josuttis, ©1999. | Software copyrighted by Jeremy Siek, © 1999-2001. | Software copyrighted by Daryle Walker, © 2001. | Software copyrighted by Chuck Allison and Jeremy Siek, © 2001, 2002. | Software copyrighted by Samuel Krempp, © 2001. See http://www.boost.org for updates, documentation, and revision history. | Software copyrighted by Doug Gregor ([email protected]), © 2001, 2002. | Software copyrighted by Cadenza New Zealand Ltd., © 2000. | Software copyrighted by Jens Maurer, © 2000, 2001. | Software copyrighted by Jaakko Järvi ([email protected]), © 1999, 2000. | Software copyrighted by Ronald Garcia, © 2002. | Software copyrighted by David Abrahams, Jeremy Siek, and Daryle Walker, © 1999-2001. | Software copyrighted by Stephen Cleary ([email protected]), © 2000. | Software

copyrighted by Housemarque Oy <http://www.housemarque.com>, © 2001. | Software copyrighted by Paul Moore, © 1999. | Software copyrighted by Dr. John Maddock, © 1998-2002. | Software copyrighted by Greg Colvin and Beman Dawes, © 1998, 1999. | Software copyrighted by Peter Dimov, © 2001, 2002. | Software copyrighted by Jeremy Siek and John R. Bandela, © 2001. | Software copyrighted by Joerg Walter and Mathias Koch, © 2000-2002. | Software copyrighted by Carnegie Mellon University © 1989, 1991, 1992. | Software copyrighted by Cambridge Broadband Ltd., © 2001-2003. | Software copyrighted by Sparta, Inc., © 2003-2004. | Software copyrighted by Cisco, Inc and Information Network Center of Beijing University of Posts and Telecommunications, © 2004. | Software copyrighted by Simon Josefsson, © 2003. | Software copyrighted by Thomas Jacob, © 2003-2004. | Software copyrighted by Advanced Software Engineering Limited, © 2004. | Software copyrighted by Todd C. Miller, © 1998. | Software copyrighted by The Regents of the University of California, © 1990, 1993, with code derived from software contributed to Berkeley by Chris Torek.

COPYRIGHT

No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies. TRADEMARK ATTRIBUTIONS

AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.

(14)

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB-SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.