VirusScan Enterprise Quick Start
Technical Articles ID:
KB79580
Last Modified: 7/20/2020
Environment
McAfee VirusScan Enterprise (VSE) 8.x
Summary
If you are new to VSE, this article helps you understand how to set up and correctly configure VSE.
VSE is an antivirus product that detects and protects your computers from multiple types of digital threats. These digital threats include worms, viruses, trojans, and spyware. These threats are collectively known as malware. Essentially, malware is undesirable code that you want to keep out of your environment.
You typically install VSE on servers, desktops, laptops, and tablets. You can install it on most devices that can run a supported Microsoft Windows operating system. For a full list of supported Windows operating systems, see KB51111.
To do list
This list describes the things you must do and explains why you must do them.
| To do |
Explanation |
| Download the software |
|
| Download the documentation |
Documentation for all products is available in PDF form from the Knowledge Base. It is a good idea to download and read through these documents because they can help you get up and running quickly. Also, documents such as the Best Practices Guide become a useful reference when you want to learn more about how VSE works.
Document checklist:
|
| Check for post-release fixes |
When Microsoft releases new operating systems or Service Packs, the original product guides might not reflect the current support policy for those platforms. To see information about post-release fixes and product support that might not be in the product guides, see the supported environments article for VSE (KB51111). |
| Check for post-release known issues |
As with all software products, when a new or updated version of a complex product such as VSE is released, there might be some known issues that emerge. When McAfee become aware of issues, we make you aware of them through the known issues article that lists the issues and usually provides additional information or guidance.
You can search the Knowledge Base for "known issues" for most products. To see the known issues for VSE 8.8, see KB70393. |
| Understand your environment |
It is important that you fully understand your environment before you try to roll out and configure VSE. For example, some software companies recommend that you exclude parts of their products such as temporary working folders from being scanned by an antivirus scanner. It is because the scanner might interfere with how that product works, potentially making it run much slower than usual or causing it to have other issues. If you exclude folders from being scanned, they are known as AV exclusions.
Some things to understand about your environment are as follows:
- What are the roles of your servers? List them all. (For example, Web services, SQL services, Citrix services, Domain controller, and ePolicy Orchestrator (ePO) server.)
- What are the recommended AV exclusions from the vendor for that product/solution? Plan on adopting those recommended settings. Later on, you can assess if those recommendations can be made more secure by viewing article KB79589.
- What applications run on the Desktop/Laptop/Tablet/other device where VSE will be installed?
- What are the recommended AV exclusions from the vendor for those applications?
- Do you have a list of applications that require kernel drivers to operate? These types of programs have a higher probability of experiencing compatibility issues with VSE. For example:
- Backup software
- File encryption software
- VPN or Remote Access software
- Host Intrusion Prevention software
You have now identified a list of applications that require configuration settings. Also, you have a list of programs that you must consider doing compatibility testing with, including 'soak' testing where you test your environment under load for an extended time. It would ideally include a pilot program, and even a user-acceptance program. |
| Decide the deployment strategy |
There are many different ways that you can deploy VSE to your environment. The best, and easiest, solution is to use ePO product. It not only allows you to install and configure McAfee products remotely, but it also allows you to produce reports for each of those products and installations.
As previously mentioned, you can use third-party solutions to install VSE. Usually, you must make sure that VSE installation files are available, and then you run SetupVSE.exe. If your tool relies solely on the VSE MSI installation package, see KB79567.
Whatever the case, conceptualize how you want the deployment to continue (by group, by region, and by IP range). After completing an installation to that group, allow some soak time before pushing the install to the next group. The soak time allows for fielding of problem reports and getting them investigated. |
| Decide on an update strategy |
For an antivirus product such as VSE to remain effective, you must keep it up to date. In other words, it always has to have the latest virus definitions (DAT files) to identify and clean the latest forms of malware. It is also important to keep the Scan Engine updated. It happens automatically when the update task runs daily; so, VSE can keep itself current as long as a network/Internet connection is available.
If you are managing your products with ePO, VSE updates from your ePO server instead of directly over the internet. The ePO server has a repository where the latest DATs and Engine files are held. It means that your products all get their updates from the central ePO repository rather than downloading the updates from the internet. It reduces your internet traffic considerably. It is so essential that you keep your ePO server's repository updated. Also, if you have created your own Agent Update task, you have to disable the VSE default update task. |
| Test and pilot |
It is important to make sure that VSE works well with the other products in your environment. Although VSE might work well with your currently installed products, there might be an issue or conflict with new or updated versions of either VSE or your other products.
So, when you plan on installing new versions of either product, test them first to avoid unexpected issues. Do not assume that everything works without issue, but assume that there can be a problem with the new product you are about to install. So, do a pilot test on a few users and make sure that everything works as expected before rolling out to your wider environment.
Pilot, or progressive, deployments typically catch issues that you would not want to experience on a wide scale mass deployment. |
| Deployment and maintenance |
It is recommended that you deploy the software in a phased approach. McAfee recommends ePO as the tool for deploying and managing VSE.
After you finish your deployment, you have to monitor your installations to make sure that everything is working as expected:
- Make sure that your systems get their updates properly with ePO. ePO users can run Compliance Reports that can highlight systems that are not using the latest DAT.
- Sign up for Support Notification Service (SNS), so we can instantly share with you any news we feel is important regarding our products.
|
|
