Recommended Repository Check-in Procedure
This product update deployment task is configured for multiple update packages on a
single managed product. When you check in multiple product update packages (hotfixes or
patch updates) for a single managed product, note the following:
- Check in all related update packages into the ePolicy Orchestrator (ePO) repository branch that you want
- Check in the packages in the correct order of deployment.
- Do not move or copy multiple packages, which are used for a single managed product update task, from one ePO branch to another.
To change ePO deployment branches when managing multiple package deployments (for example, from Evaluation to Current) do the following:
- Delete all related packages from the first deployment branch.
NOTE: Deletion of the existing packages from a repository branch is the only effective means to ensure that correct deployment detection script sequencing is maintained for multiple package deployments.
- Recheck the multiple packages into the new repository branch in the deployment order needed.
- To update specific client systems from specific ePO repository branches, change the McAfee Agent policy settings for those systems. The Host IPS updates are pulled from the Evaluation branch instead of the Current branch. To change the McAfee Agent policy settings, go to McAfee Agent, General, My Default, Updates.
Recommended ePO product upgrade steps for systems currently running either Host IPS 8.0 GA (8.0.0.1741) or Patch 1 (8.0.0.1919):
- Check in Host IPS 8.0 HF833271 to a designated branch of the ePO repository.
- Check in Host IPS 8.0 Patch 2 (incremental update package) to a designated branch of the ePO repository.
- To configure a product update task, first review the list of selectable Patches and Service Packs. The list is available under Products, patches, service packs, etc. entry for Package types.
- If the list includes more than one entry for Host IPS 8.0, ensure that all these entries are selected.
- If your system is not fully updated after running the update task once, rerun it again to fully update systems with all packages. Product update tasks adhere to the following logic when updating a managed product:
- Install content updates.
- Install an available hotfix update
- Install an available patch update.
The first product update task installs Hotfix 833271 and Patch 2 (and only Hotfix 833271 for some networks). The next update task will install Patch 2. Customers might opt to do it by configuring a single product update task using the following options:
- Configure a Daily product update task to run once per day. All packages will be deployed after 1 (or 2) successive days (or 1–2 runs of the product update task).
- Configure multiple scheduled task times for a single update task. All packages will be deployed after 1 (or 2) successive product update tasks are completed.
- Configure a product update task to repeat (McAfee recommends 30 minutes, or more, task intervals). All packages will be deployed after 2 (or 3) successive product update tasks are completed.
NOTE: McAfee also recommends using Task Randomization in large environments to reduce high periods of bandwidth consumption.
Product Update tasks must be rerun on client systems not reporting the correct product version for Patch 2 (8.0.0.2151).
If client systems are reporting product version 8.0.0.2481 (HF833271), the Product Update tasks must be rerun on client systems to install Patch 2. Contact Technical Support for further assistance if you have product update issues after multiple product update tasks have run on the systems.
To contact Technical Support, log on to the ServicePortal and go to the Create a Service Request page at
https://support.mcafee.com/ServicePortal/faces/serviceRequests/createSR:
- If you are a registered user, type your User Id and Password, and then click Log In.
- If you are not a registered user, click Register and complete the required fields. Your password and logon instructions will be emailed to you.
Version Reporting:
The Host IPS product version can be verified by running the
Host IPS: Client Versions report template under ePO
Queries and Reports.
IMPORTANT: Systems displaying version 8.0.0.2481 applied
have not successfully upgraded to
Patch 2. As such, the deployment task must be run again to ensure proper upgrade to version 8.0.0.2151.
The report displays the report shows which the versions of Host IPS running on each client system. If a system is not fully upgraded to
patch 2 (8.0.0.2151), the update task must be rerun on the system reporting (8.0.0.2481) to ensure it is fully upgraded to
Patch 2 (8.0.0.2151).
Hotfix Reporting
Systems will need to have reported back full properties after the installations before the most current report data is available. To query hotfix information for Host IPS and VirusScan Enterprise directly from the SQL database, see
KB67406.