VirusScan Enterprise Quick Start
Technical Articles ID:
KB79580
Last Modified: 4/7/2017
Environment
McAfee VirusScan Enterprise (VSE) 8.x
Summary
If you are new to VSE, this article helps you understand how to set up and correctly configure VSE.
VSE is an anti-virus product that detects and protects your computers from multiple types of digital threats such as worms, viruses, trojans, spyware, and so on. These threats are collectively known as malware. Essentially, malware is undesirable code that you want to keep out of your environment.
You typically install VSE on servers, desktops, laptops, and tablets. You can install it on most devices that are capable of running a supported Microsoft Windows operating system. For a full list of supported Windows operating systems, see KB51111.
Your to do list
This list describes the things you should do and explains why you should do them.
| To do |
Explanation |
| Download the software |
McAfee product software, upgrades, maintenance releases, and documentation are available from the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx.
NOTE: You need a valid Grant Number for access. KB56057 provides additional information about the Product Downloads site, and alternate locations for some products. |
| Download the documentation |
Documentation for all products is available in PDF form from the Knowledge Base. It is a good idea to download and read through these documents because they can help you get up and running quickly. Also, documents such as the Best Practices Guide become a useful reference when you want to learn more about the way in which VSE works.
Document checklist:
- VirusScan Enterprise 8.8 Installation Guide (PD22944)
- VirusScan Enterprise 8.8 Product Guide (PD22941)
- VirusScan Enterprise 8.8 Best Practices Guide (PD22940)
|
| Check for post-release fixes |
When Microsoft releases new operating systems or Service Packs, the original product guides might not reflect the current support policy for those platforms. To see information about post-release fixes and product support that might not be in the product guides, see the supported environments article for VSE (KB51111). |
| Check for post-release known issues |
As with all software products, when a new or updated version of a complex product such as VSE is released, there might be some known issues that emerge. When McAfee become aware of issues we make you aware of them via a known issues article that lists the issues and in most cases provides additional information or guidance.
You can search the Knowledge Base for "known issues" for most products. To see the known issues for VSE 8.8, see KB70393. |
| Understand your environment |
It is essential that you fully understand your environment before you attempt to roll out and configure VSE. For example, some software companies recommend that you exclude parts of their products (such as temporary working folders) from being scanned by an anti-virus scanner. This is because the scanner might interfere with the way in which that product works, potentially making it run much slower than usual or causing it to have other issues. If you exclude folders from being scanned, they are known as AV exclusions.
Some things to understand about your environment are as follows:
- What are the roles of your servers? List them all. (For example, Web services, SQL services, Citrix services, Domain controller, ePolicy Orchestrator (ePO) server, and so on.)
- What are the recommended AV exclusions from the vendor for that product/solution? Plan on adopting those recommended settings. Later on, you can assess if those recommendations can be made more secure by viewing article KB79589.
- What applications run on the Desktop/Laptop/Tablet/other device where VSE will be installed?
- What are the recommended AV exclusions from the vendor for those applications?
- Do you have a list of applications that require kernel drivers to operate? These types of programs have a higher probability of experiencing compatibility issues with VSE. For example:
- Backup software
- File encryption software
- VPN or Remote Access software
- Host Intrusion Prevention software
You have now identified a list of applications that require configuration settings and have a list of programs you should consider doing compatibility testing with, including 'soak' testing where you test your environment under load for an extended period of time. This would ideally include a pilot program, and perhaps even a user-acceptance program. |
| Decide upon a deployment strategy |
There are many different ways that you can deploy VSE to your environment. The best, and easiest, solution is to use ePO product. This not only allows you to install and configure McAfee products remotely, but it also allows you to produce reports for each of those products and installations.
As previously mentioned, you can use third-party solutions to install VSE. In most cases you must ensure that the VSE installation files are available, and then you run SetupVSE.exe. If your tool relies solely on the VSE MSI installation package, see KB79567.
Whatever the case, conceptualize how you want the deployment to proceed (by group, by region, by IP range, and so on) and after completing an installation to that group, allow some soak time before pushing the install to the next group. The soak time allows for fielding of problem reports and getting them investigated. |
| Decide upon an update strategy |
For an anti-virus product such as VSE to remain effective, you must keep it up to date. In other words, it always has to have the latest virus definitions (DAT files) to be able to identify and clean the latest forms of malware. It is also important to keep the Scan Engine updated. This happens automatically when the update task runs daily; therefore, VSE can keep itself current as long as a network/Internet connection is available.
If you are managing your products with ePO, VSE updates from your ePO server instead of directly over the Internet. The ePO server has a repository where the latest DATs and Engine files are held. This means that your products all get their updates from the central ePO repository rather than downloading the updates from the Internet. This reduces your Internet traffic considerably. It is therefore essential that you keep your ePO server's repository updated. Also, if you have created your own Agent Update task, you have to disable the VSE default update task. |
| Test and pilot |
It is important to ensure that VSE works well with the other products in your environment. Be aware that although VSE might work well with your currently installed products, there might be an issue or conflict with new or updated versions of either VSE or your other products.
Therefore, when you plan on installing new versions of either product, test them first to avoid unexpected issues. Do not assume that everything will work without issue, but assume that there will be a problem with the new product you are about to install, and so do a pilot test on a few users and ensure that everything works as expected before rolling out to your wider environment.
Pilot, or progressive, deployments typically catch issues that you would not want to experience on a wide scale mass deployment. |
| Deployment and maintenance |
Deploying the software in a phased approach is the best approach to take, and McAfee recommends ePO as the tool for deploying and managing VSE.
When you have finished your deployment, you have to monitor your installations to ensure that everything is working as expected:
- Ensure that your systems are getting their updates properly with ePO (ePO users can run Compliance Reports that can highlight systems that are not using the latest DATs, and so on).
- Sign up for Support Notification Service (SNS), so we can instantly share with you any news we feel is important regarding our products.
|
|
Loading...
