Loading...

Knowledge Center


Recommended upgrade paths for McAfee Agent, Host Intrusion Prevention, and VirusScan Enterprise
Technical Articles ID:   KB87328
Last Modified:  8/8/2017
Rated:


Environment

McAfee Agent (MA) 5.x, 4.8
McAfee Host Intrusion Prevention (Host IPS) 8.0
McAfee VirusScan Enterprise (VSE) 8.8

For details of VSE supported environments, see KB51111.
For details of Host IPS supported environments, see KB70778 .
For details of MA supported environments, see KB51573.

Summary

Current versions of McAfee endpoint products use shared components to achieve individual product protection. Some of these shared components use newer versions of Validation Trust Protection (VTP) to provide security to McAfee software. In the past, this service was added through the VSE installation.

VTP can now be updated when installing any one of several McAfee endpoint products. This means that separate endpoint products could be using or expect to be using different versions of the shared component.

IMPORTANT: 
  • If separate endpoint products use different shared component versions, the inter-product trust relationship can become out of sync and thus vulnerable to a potential security breach.
  • It is critical that the trust relationship between McAfee endpoint products be maintained.
McAfee Recommendation 
Before you upgrade MA, Host IPS, or VSE, carefully follow the instructions in the following tables to ensure that your endpoint products use compatible versions of shared components. It is critical that you follow the steps completely and in the order presented to avoid complications.
 
Document Modification History: This document was created on June 16, 2016, and will be updated as needed. These are the current versions of these products, but they can and will change. If your environment includes McAfee products that depend on the VTP shared technology and are not mentioned in this document, contact Technical Support for additional assistance. (See the Related Information section of this article for contact details.)

Solution

Safe VSE/MA Upgrade Paths

NOTES:
  • If you are confused between the steps advised in this article and those in SB10151, give preference to this article because it is more recently updated.
  • If you also use Host IPS, refer to the Safe Host IPS Upgrade Paths table (in Solution 2) before you perform any actions for VSE or MA.
  • As a rule, upgrade other products before you upgrade the McAfee Agent. This will be shown in the table below.
To use this chart:
  1. Determine the versions of VSE and MA in your environment. For help determining the versions, see the following articles:
  2. Locate the intersecting box in the table where your product versions appear and perform the listed instructions.
     
    Example: If you currently have VSE 8.8 Patch 7 and the latest MA 5.x version, you would apply VSE 8.8 Patch 9.

    NOTE: For new installations, you should start with MA 4.8 Patch 3 Hotfix 3 (build 4.8.0.1995) or the latest version of VSE, and then deploy the latest version of MA 5.x.
     
    Note that some steps are described as (Recommended) or (Optional).
    • Recommended = If you plan to remain on the legacy version, you should use the latest product patch available. But, if you are transitioning to Endpoint Security, you can skip the recommendation.
    • Optional = An optional step. If you skipped the Recommended step, also skip the Optional step. It is mentioned only to guide you toward the latest available version.
It is best practice that you follow standard software adoption best practices. Before a production rollout, ensure that you test any upgrades in a lab environment or on only a few systems first to eliminate any environmental or third-party issues. It is also best practice to use a staged rollout.

If you are currently on a version of either MA or VSE that is not listed in the table, contact Technical Support for assistance prior to upgrading. (See the Related Information section of this article for contact details.)

IMPORTANT: It is strongly recommended that you reboot systems where indicated. If you postpone the reboot, you increase the risk for a blue screen error from stack exhaustion, or a known issue associated with older driver code that is still in memory.

MA 4.8 Patch 3
 
 
MA 4.8 Patch 3
(build 4.8.0.x)
Not upgrading MA; only upgrading VSE
Upgrading MA 4.8 to 5.x
VSE 8.8 Patch 2
(build 8.8.0.975)
  1. Upgrade to VSE 8.8 Patch 7.
  2. Reboot.1
  3. (Recommended) Upgrade to VSE 8.8 Patch 9.
  1. Check in the VSE 8.8 Patch 9 extension.2
  2. Upgrade to MA 5.0.6.
  3. Upgrade to VSE 8.8 Patch 7.
  4. Reboot.1
  5. Upgrade to VSE 8.8 Patch 9.
VSE 8.8 Patch 3
(build 8.8.0.1128)
VSE 8.8 Patch 4
(build 8.8.0.1247)
  1. Upgrade to VSE 8.8 Patch 9.
  2. Reboot.1
  1. Check in the VSE 8.8 Patch 9 extension.2
  2. Upgrade to MA 5.0.6.
  3. Upgrade to VSE 8.8 Patch 9.
  4. Reboot.1
VSE 8.8 Patch 5
(build 8.8.0.1385)
  1. Upgrade to VSE 8.8 Patch 9.
VSE 8.8 Patch 6
(build 8.8.0.1445)
VSE 8.8 Patch 7
(build 8.8.0.1528)


And if Hotfix 1123565 is installed
  1. Upgrade to VSE 8.8 Patch 9.
  1. Upgrade to MA 5.0.6.
  2. Upgrade to VSE 8.8 Patch 9.
VSE 8.8 Patch 8
Builds:
8.8.0.1588 (RTW) 
or
8.8.0.1599 (Repost)
  1. Upgrade to VSE 8.8 Patch 9.
(Recommended) Upgrade to MA 5.0.6.
 
1 The purpose of the reboot is to unload older VSE driver code from memory that can destabilize the system.
2 See the "Configure essential features" section of the ePolicy Orchestrator 5.3.0 Product Guide (PD25504) for instructions.

MA 5.0.x
 
 
MA 5.0
Patch 1
Patch 2 1

Patch 3 2
(build 5.0.3.x) or later
(build 5.0.1.516
or build 5.0.1.518)
 
RTW
(build 5.0.2.132)
Hotfix 1091027
(build 5.0.2.188)
 Hotfix 1110392
(build 5.0.2.333)
VSE 8.8 Patch 2
(build 8.8.0.975)
  1. Check in the VSE 8.8 Patch 8 extension.4
  2. Check in the most current MA extension.4
  3. Upgrade to VSE 8.8 Patch 6.
  4. Upgrade to MA 5.0.2.188 or later.
  5. Upgrade to VSE 8.8 Patch 9.
  6. Reboot.3
  7. (Optional) Upgrade to MA 5.0.6.
  1. Check in the VSE 8.8 Patch 9 extension.4
  2. Check in the most current MA extension.4
  3. Upgrade to VSE 8.8 Patch 6.
  4. Upgrade to MA 5.0.2.188 or later.
  5. Upgrade to VSE 8.8 Patch 9.
  6. Reboot.3
  7. (Optional) Upgrade to MA 5.0.6.
  1. (Recommended) Upgrade to VSE 8.8 Patch 7.
  2. (Recommended) Upgrade to VSE 8.8 Patch 9.
  3. (Optional) Upgrade to MA 5.0.6.
VSE 8.8 Patch 3
(build 8.8.0.1128)
VSE 8.8 Patch 4
(build 8.8.0.1247)
  1. Upgrade to VSE 8.8 Patch 9.
  2. Upgrade to MA 5.0.6.
  1. (Recommended)
    Upgrade to VSE 8.8 Patch 9.
     
  2. (Optional)
    Upgrade to MA 5.0.6.
VSE 8.8 Patch 5
(build 8.8.0.1385)
VSE 8.8 Patch 6
(build 8.8.0.1445)
VSE 8.8 Patch 7
(build 8.8.0.1528)


And if Hotfix 1123565 is installed
  1. Upgrade to VSE 8.8 Patch 9.
  2. Upgrade to MA 5.0.6.
(Recommended) Upgrade to VSE 8.8 Patch 9.
VSE 8.8 Patch 8
Builds:
8.8.0.1588 (RTW) 
or
8.8.0.1599 (Repost)
(Recommended) Upgrade to MA 5.0.6. (Recommended) Upgrade to MA 5.0.6.
 
 
1 MA 5.0.2.285 must be upgraded to a later MA version before you refer to this table.
2 MA 5.0.3.x can be any 5.0.3 build. It is recommended that you use the latest.
3 The purpose of the reboot is to unload older VSE driver code from memory that can destabilize the system.
4 See the "Configure essential features" section of the ePolicy Orchestrator 5.3.0 Product Guide (PD25504) for instructions.

Solution

Safe Host IPS Upgrade Paths
This table applies to all Host IPS customers and should be reviewed in consideration of upgrading Host IPS, or any of the shown products:
 

Reference: KB87658

MA 5.0.3 and earlier, or VSE 8.8 Patch 7 and earlier

MA 5.0.4

VSE 8.8 Patch 8

ENS 10.2 / 10.1.2 / 10.1.1

Host IPS 8.0 Patch 8

No action necessary.

Host IPS 8.0 Patch 5 - 7

Upgrade to Host IPS 8.0 Patch 8.

Apply Hotfix 1153407 or upgrade to Host IPS 8.0 Patch 8.

Host IPS 8.0 Patch 4

Upgrade to Host IPS 8.0 Patch 8.
Host IPS 8.0 Patch 3 and earlier
  1. Upgrade to Host IPS 8.0 Patch 4.
  2. Upgrade to Host IPS 8.0 Patch 8.

If you have MA and/or VSE in your environment, follow these steps to upgrade Host IPS:
  1. If you also have Application and Change Control installed in your environment, see KB86141 before proceeding.
  2. Upgrade to Host IPS 8 Patch 8 (build 8.0.0.3828).
  3. Follow the steps in the Safe VSE/MA Upgrade Paths table that meet your needs.

Rate this document

Did this article resolve your issue?

Please provide any comments below

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.