
McAfee

AT

NATIONAL INSURANCE COMPANY LIMITED

BY

HCL COMNET LIMITED

Architecture:

The ePO server is located in Kolkata.

There are 960 branch offices (Operational Offices) with an average of 6 systems per branch, and these branches are connected to 20 Regional Offices (ROs).

Since the branches have 128 KBPS links, the repositories should be deployed region-wise at the ROs, with the ePO server in Kolkata.

The ePO server takes updates from the internet and replicates them to all the ROs. The client machines of the different ROs take updates from the ROs. The machines can also take updates from the HO. The ROs and the HO have 2 MBPS links. All the ROs and the HO are connected with each other through MPLS.

The first preference for taking updates at an operating office should be the respective RO of that operating office. If a client machine of that operating office can't take an update from its RO, it will go to another repository of its region.

Contents:-

1. Console Login
2. McAfee Server Task
3. McAfee Agent Task
4. Assign Policies For All Operating Office’s Machines and Servers
5. Assign Policy For Laptops
6. Daily Maintenance ePO Console
7. Installation Process of New Packages
8. Manual Server Update
9. Replication from Server
10. Checking Repository Status
11. Checking Reports Logs
12. Database Maintenance

Console login:

Fig-1

• Click on the ePolicy Orchestrator 3.6.1 Console.

Fig-2

• Click on Log on to server.
• Type the console login password.

The McAfee Server Task

Fig-3

• Click on Scheduled tasks.
• The following tasks are listed:
  • Active Directory
  • DAT Update
  • DR Replication
  • InActive Agents
  • Purging Task (disabled)
• Select Active Directory and click on modify tasks.

The modified Active Directory settings are defined below (Fig-4 and Fig-5):-

Fig-4

• The settings for the Active Directory task are as shown, as per NIC architecture.
• Click on the next option.

Fig-5

• Click on finish.

The modified DAT Update settings are defined below (Fig-6 and Fig-7):-

Fig-6

• The settings for the DAT Update task are as shown, as per NIC architecture.
• Click on next.

Fig-7

• Click on finish.

The modified DR Replication settings are defined below (Fig-8 and Fig-9):-

Fig-8

• The settings of the DR Replication task are as shown, as per NIC architecture.
• Click on next.

Fig-9

• Click on finish.

Incremental replication is selected here because only the latest update will be replicated to the clients from the server.

The modified InActive Agents settings are defined below (Fig-10 and Fig-11):-

Fig-10

• The settings of the Inactive Agents task are as shown, as per NIC architecture.
• Click on next.

Fig-11

• Create a new site “Inactive agent” from the directory.
• The period of inactivity will be changed as per requirement.
• The action to perform will be “Move” to the created site “Inactive Agent”.
• Select the newly created site for “Move computers with inactive agents to this site”.
• Click on finish.

Different communication ports:-

Fig-12

• The port settings will be as shown, as per NIC architecture.

New Task Creation Method (Fig-13 and Fig-14):-

Fig-13

• Click on create task.

Fig-14

• Expand the task type.
• Select the particular task that you want to create.
• Write the task name.
• Enable the task.
• Set the schedule as per requirement.

The McAfee Agent Task

New Task Creation (Fig-15 to Fig-19):-

Fig-15

• Expand ePolicy Orchestrator and NIC-800000-EPO1.
• Right click on Directory and click on the scheduled task option.

Fig-16

• Write the new task name.
• Select the task type that you want.

Fig-17

• Select Enable (schedule task runs at specific time).
• Click on settings.

This type of task is normally scheduled for daily updates. The client machine will take updates every day at a particular scheduled time.

Fig-18

• The settings will be as shown.
• Click ok.

Fig-19

• Click on Schedule.
• Uncheck Inherit.
• Schedule time: Daily. Start time: 11:05:00 AM.
• Select Local time.
• Enable randomization as 30 minutes.
• Schedule task daily every 1 day(s).
• Click ok.

Different task settings for all the NIC Operating Offices’ servers and machines are shown below (Fig-20 to Fig-37):-

Fig-20

• The different tasks are:
  • Deployment
  • Update Daily DAT and Patches
  • On Demand Scan for VSE8.0
  • On Demand Scan for VSE8.5
  • Agent Wakeup Call
  • Immediate Update of DAT and Patches
• Click on Deployment Task.

Deployment Task settings as defined below (Fig-21 to Fig-23):-

Fig-21

• Click on settings.

Fig-22

• Click ok.

Fig-23

• Click on schedule.
• The modified schedule has been made as per NIC architecture.
• Click ok.

Agent Wakeup Call Task settings as defined below (Fig-24 to Fig-26):-

Fig-24

• Click on Agent Wakeup Call.
• Click on Settings.

Fig-25

Fig-26

• Click on schedule.
• The schedule is defined as per NIC architecture.
• Click ok.

Immediate Update of DAT and Patches settings as defined below (Fig-27 to Fig-28):-

Fig-27

Fig-28

• The above settings have been defined as per NIC architecture.
• Click ok.

OnDemandScan for VSE8.5i settings as defined below (Fig-29 to Fig-37):-

Fig-29

• Click on settings.

Fig-30

• Click on detection.

Fig-31

• Click on Advanced.

Fig-32

• Click on Actions.

Fig-33

• Click on Unwanted Programs.

Fig-34

• Click on reports.

Fig-35

• Click on task.

Fig-36

• Click ok.

Fig-37

• The modified settings have been defined as per NIC architecture.
• Click ok.

Assign Policies For All Operating Office’s Machines and Servers

Policy settings as defined below:-

Fig-38

• Expand ePolicy Orchestrator > NIC-800000-EPO1 > Directory.
• Select HO.
• Click on Policies on the right side. Click on HO Agent Policy.

Fig-39

• The above settings are modified as per NIC architecture.
• Click on events.

Fig-40

• The above settings are modified as per NIC architecture.
• Click on Logging.

Fig-41

• The above settings are modified as per NIC architecture.
• Click on Repositories.

Fig-42

• The above settings are modified as per NIC architecture.
• The repositories will be different for each site as per NIC architecture.
• Click on updates.

Normally we have selected four repositories for each RO. Here, for HO, we have selected four repositories. The first preference will be that particular RO. In HO the first repository is ePO_NIC-800000-EPO1. The other selected repositories are from the East region. In this way the first repository will be the particular RO office and the rest of the repositories will be from that region.

Fig-43

• The above settings are modified as per NIC architecture.
• Click on Proxy.

Fig-44

• The above settings are modified as per NIC architecture.
• Click apply to all.
• Click ok.

Virus Scan Enterprise 8.5.0 policies as shown below:-

Fig-45

• In the above screenshot, a few policies show Global administrators as the policy owner.
• We didn’t change anything in these policies.
• The rest of the policies show admin as the policy owner.
• These policies are modified.
• The modified policy settings are shown below.
• Click on On-Access General Policies.

On-Access General Policy Settings:-

Fig-46

• Click on scriptscan.
• The above settings are modified as per NIC architecture.

Fig-47

• Click on blocking.
• The above settings are modified as per NIC architecture.

Fig-48

• Click on Messages.
• The above settings are modified as per NIC architecture.

Fig-49

• Click on Reports.
• The above settings are modified as per NIC architecture.
• Click on apply.
• Click close.

Fig-50

• Click on On-Access Low-Risk Process.

On-Access Low-Risk Process Settings:-

Fig-51

• The above settings are modified as per NIC architecture.
• Click on detection.

Fig-52

• The above settings are modified as per NIC architecture.
• Click on Advanced.

Fig-53

• The above settings are modified as per NIC architecture.
• Click on Actions.

Fig-54

• The above settings are modified as per NIC architecture.
• Click on unwanted programs.

Fig-55

• The above settings are modified as per NIC architecture.
• Click on apply.
• Close the window.
• Open On-Access High Risk Process policy as shown in Fig-45.

On-Access High Risk Process Settings:-

Fig-56

• The above settings are modified as per NIC architecture.
• Click on Detection.

Fig-57

• The above settings are modified as per NIC architecture.
• Click on advanced.

Fig-58

• The above settings are modified as per NIC architecture.
• Click on Actions.

Fig-59

• The above settings are modified as per NIC architecture.
• Click on Unwanted Programs.

Fig-60

• The above settings are modified as per NIC architecture.
• Click on apply.
• Close the window.
• Open User Interface Policy as shown in Fig-45.

User Interface Policy Settings:-

Fig-61

• The above settings are modified as per NIC architecture.
• Click on Password options.

Fig-62

• The above settings are modified as per NIC architecture.
• Click on apply.
• Close the window.
• Open Access Protection Policy as shown in Fig-45.

Access Protection Policy Settings:-

Fig-63

• The above settings are modified as per NIC architecture.
• Click on Reports.

Fig-64

• The above settings are modified as per NIC architecture.
• Click on apply.
• Close the window.
• The rest of the VSE 8.5 policy settings are left as Global Default.
• Open Rogue System Sensor Policy as shown in Fig-38.

Rogue System Sensor 1.0.0 Policy Default Settings:-

Fig-65

• The above settings are modified as per NIC architecture.
• Click on VSE8.0 and expand it (Fig-38).

Virus Scan Enterprise 8.0.0 Policy Settings:-

Fig-66

• Click on Alert Manager policy.

Alert Manager Policy Settings:-

Fig-67

• The above settings are modified as per NIC architecture.
• Click on Additional Alerting options.

Fig-68

• The above settings are modified as per NIC architecture.
• Click on apply and close the window.
• Click on Access Protection Policy as shown in Fig-66.

Access Protection Policy Settings:-

Fig-69

• The above settings are modified as per NIC architecture.
• Click on File Share and Folder Protection.

Fig-70

• The above settings are modified as per NIC architecture.
• Click on reports.

Fig-71

• The above settings are modified as per NIC architecture.
• Click on apply and close the window.
• Open On-Access Process Policy as shown in Fig-66.

On-Access Process Policy Settings:-

Fig-72

• The above settings are modified as per NIC architecture.
• Click on Detection.

Fig-73

• The above settings are modified as per NIC architecture.
• Click on Advanced.

Fig-74

• The above settings are modified as per NIC architecture.
• Click on Actions.

Fig-75

• The above settings are modified as per NIC architecture.
• Click on Unwanted Programs.

Fig-76

• The above settings are modified as per NIC architecture.
• Click on apply and close the window.
• Open On-Access General Policy as shown in Fig-66.

On-Access General Policy Settings:-

Fig-77

• The above settings are modified as per NIC architecture.
• Click on Script Scan.

Fig-78

• The above settings are modified as per NIC architecture.
• Click on Blocking.

Fig-79

• The above settings are modified as per NIC architecture.
• Click on Messages.

Fig-80

• The above settings are modified as per NIC architecture.
• Click on Reports.

Fig-81

• The above settings are modified as per NIC architecture.
• Click on apply and close the window.
• Open User Interface Policy as shown in Fig-66.

User Interface Policy Settings:-

Fig-82

• The above settings are modified as per NIC architecture.
• Click on password options.

Fig-83

• The above settings are modified as per NIC architecture.
• Click on apply and close the window.
• Open Unwanted Programs Policy as shown in Fig-66.

Unwanted Programs Policy Settings:-

Fig-84

• The above settings are modified as per NIC architecture.
• Click on User defined detection.

Fig-85

• The above settings are modified as per NIC architecture.
• Click on apply and close the window.
• The rest of the VSE 8.0 policy settings are set as Global Default.

TASKS FOR THE LAPTOPS

Fig-86

• Expand Directory.
• Expand HO.
• Click on Laptops and select Tasks.
• The task names are the same as for machines and servers. Only the schedule type is different.
• Open the Deployment task.

Deployment Task Settings:-

Fig-87

• The above settings are modified as per NIC architecture.
• The rest of the task settings are inherited.

The schedule of all the laptops’ tasks is the same, as shown below.

Fig-88

• The above settings are modified as per NIC architecture.

Assigned Policies For Laptops

Fig-89

• Expand Directory.
• Expand HO.
• Click on Laptops and select policies.
• Click on HO laptop agent.

Only the Agent Policy settings for laptops are different from the ePO Agent Policy settings of all the machines and servers. We have taken the HO laptop policy as an example.

ePO Agent Policy Settings:-

Fig-90

• The above settings are modified as per NIC architecture.
• Click on events.

Fig-91

• The above settings are modified as per NIC architecture.
• Click on Logging.

Fig-92

• The above settings are modified as per NIC architecture.
• Click on Repositories.

Fig-93

• The above settings are modified as per NIC architecture.
• The NAIFtp repository will be enabled for all laptops. The other 3 repositories will be from the East region, because HO is in the East region.
• The same rule will be applicable for the other ROs’ laptops.
• Click on Updates.

Fig-94

• The above settings are modified as per NIC architecture.
• Click on apply and close the window.

Daily Maintenance of ePO Console

Directory Search and Directory actions:

Fig-95

• Expand NIC-800000-EPO1.
• Right click on Directory.
• Click on Search.

Fig-96

• Select computers in a domain.
• Select Computer name as “starts with”.
• Select Domain Name as “not like”.
• Click on Search.

Fig-97

• We can find the details of a particular machine and all the machines of a particular site.

Fig-98

• Select “Computers in specific group or site” from “Search for”.
• Select Group Name as “starts with”.
• Write any site name or group name in the “Value” column.
• Click on search.
• We can find all the machines in a particular site or group by this method.

Fig-99

• Select “Computers with a specific DAT version” from “Search for”.
• We can find the machines with the latest and older DAT versions by this method.

Fig-100

• By selecting duplicate computer names from “Search for”, we can search for duplicate machines.
• Check the last connection time.
• Delete the older one.

Fig-101

• By selecting Specific computers we can get the details of any particular machine.
• Click on the particular machine.

Fig-102

• We can get all the details of that particular machine by this method.

Fig-103

• The machine details are shown in the above screenshot.

Move a Particular Client from One Site to Another Site:-

Fig-A

• Expand NIC-800000-EPO1.
• Right click on Directory and click on Search.

Fig-B

• Select “Computer in specific group or site” as search for.
• Select Operator as “Starts with”.
• Choose Value as “Inactive agent”.
• Click on Search.
• Select the client machine and right click on it. Click on “move to”.

Fig-C

• Expand the Directory in Directory Browser.
• Expand ARO. Expand OO.
• Select Desktops. Click on ok.

Here the client was in the Inactive Agents group, but normally it should be in ARO’s Desktops group.

Send Agent Wakeup Call to a Particular Site:-

Fig-104

• Expand the directory.
• Select the particular directory.
• Right click on it and select Agent Wakeup Call.

Fig-105

• Set Agent randomization as 0 minutes.
• Select “Get full product properties”.
• Click ok.

We can also send an Agent Wakeup Call to any particular machine by this method.

Fig-106

• Open the directory search.
• Search for any machine in the directory.
• Right click on the search result.
• Select agent wakeup call.
• Send agent wakeup call.

Send Agent Install Command From the Server:-

Fig-107

• Expand NIC-800000-EPO1.
• Expand Directory.
• Select the particular site.
• Right click on it and select Send Agent Install.

Fig-108

• Select both “Only install on computers that do not have an agent” and “Force install over existing version”.
• Type the password.

We can also do Send Agent Install by the same method.

Fig-109

• Open directory search.
• Search for the particular computer.
• Select the computer from the search results. Right click on it.
• Select send agent install. Finish the agent installation job as shown in Fig-108.

Installation process of New Packages

Fig-110

• Expand NIC-800000-EPO1.
• Click on Repository.
• Click on Check in package.

Fig-111

• Click on next.

Fig-112

• Select Products and updates.
• Click on next.

Fig-113

• Browse to the particular downloaded package on the server and enter the full path of that file.
• Click on next.

Fig-114

• Click on finish.

Fig-115

• Click on Check in NAP.

Fig-116

• Select Add new software to be managed.
• Click on next.

Fig-117

• Browse to the .nap file in the same folder as the package file.
• Select and open the file.
• Wait for a few minutes.
- 123 -
McAfee

To Check the Patch is installed properly or not:-

Fig-118

 Expand Repository.
 Expand Software Repositories
 Click on Master.
 Check the Version of the particular package.

Manual Server Update:-

Fig-119

• Expand NIC-800000-EPO1.
• Click on Repository.
• Click on Pull now on the right side.
• Select the NAIHttp.
• Click next.

Fig-120

• Select current.
• Select finish.

Replicate the Latest Updates to a Particular Site Manually:-

Fig-121

• Click on next.

Fig-122

• Select the repository.
• Click on next.

Fig-123

• Select Incremental replication.
• Click on finish.

Fig-124

• Click on close.

Fig-125

• Click on configure proxy.
• Select don’t use proxy.
• Click on ok.

Checking Repository Status from ePO Console:-

Fig-126

• Expand Repository.
• Expand Software Repositories.
• Click on Distributed.
• Select any distributed repository.
• Click on edit.

Fig-127

• Click on option.
• Check the URL http://10.X.0.3/epo
• Port will be 80.
• Replicate UNC will be \\10.X.0.3\eposhare
• Domain will be nic-X0000-av1
• Username will be the admin login username of the particular antivirus server.
• Type the password.

Checking Report Logs:-

Fig-128

• Expand Reporting.
• Expand ePO Databases.
• Right click on ePO NIC-800000-EPO1(NIC-800000-EPO1).
• Click on connect.

Fig-129

• User name will be the console login id.
• Type the password.
• Authentication type must be ePO authentication.
• HTTPS port number will be 8443.
• Click ok.

Fig-130

• Expand Reports.
• Expand Anti-Virus.
• Expand Detection.
• Click on Action Summary By Top 10 Threat.
• Check the Detection List. Select any detection and expand it.

Fig-131

• Click on any detection.

Fig-132

• The action summary of the top 10 threats is shown in the above figure.

Database Maintenance Procedure:-

Fig-133

• Expand Reporting.
• Expand ePO Database.
• Click on ePO_NIC-800000-EPO1(NIC-800000-EPO1).
• Log in to the ePO Database.
• Click ok.

Fig-134

• Click on Events.
• Select the Removal option.
• Select the number of days for “All events that occurred more than”.
• Click on start.
• Wait for a few minutes.

Fig-135

• To repair the database, select repair.
• Click on start.
• Wait for a few minutes.

Database Backup From SQL Server:-

Fig-136

• Go to Start > Programs > Microsoft SQL Server > Enterprise Manager.

Fig-137

• Expand Microsoft SQL Server Group.
• Expand NIC-800000-EPO1.
• Expand Databases.

Fig-138

• Right click on ePO_NIC-800000-EPO1.
• Select all tasks.
• Select Backup Database.

Fig-139

• The database will be ePO_NIC-800000-EPO1.
• The name will be Epo_nic-800000-EPO1 backup.
• The backup type will be Database - complete.
• Set the destination path where the backup will be stored.
• Set Overwrite to “Append to media”.
• Click on ok.

Weekly Database Maintenance Plan:-

Fig-140

• The above settings are modified as per NIC architecture.
• Plan name will be Weekly ePO Backup.
• Select “These databases” and ePO_NIC-800000-EPO1.

Fig-141

• The above settings are modified as per NIC architecture.
• Open Optimization.
• Select “Update the statistics used by the query optimizer”.
• “Shrink database when it grows beyond” will be set as per requirement.
• The time schedule will be weekly on Sunday.

Fig-142

• The above settings are modified as per NIC architecture.
• Open Integrity.
• Select “Check database integrity”.
• Select “Perform these tests before backing up the database or transaction log”.

Fig-143

• The above settings are modified as per NIC architecture.
• Set the directory path.
• Select subdirectory for each database.
• The time period of “Remove files older than” will vary as per requirement.

Fig-144

• The above settings are modified as per NIC architecture.

Fig-145

• The above settings are modified as per NIC architecture.
• Click on ok.
• Close the SQL Server console.
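
The manual backup (Fig-139) and the weekly plan's integrity check, statistics update and backup (Fig-141 to Fig-143) can also be run as one T-SQL batch, shown here as an added example that is not part of the original document. The backup file path is a placeholder, and the use of sp_updatestats for the statistics step and the final RESTORE VERIFYONLY step are assumptions of this example, not settings taken from the screenshots.

```sql
-- Added example: scripted equivalent of the Enterprise Manager steps above.
-- Run from Query Analyzer or osql on the ePO database server.
USE [ePO_NIC-800000-EPO1]

DECLARE @db   sysname
DECLARE @file nvarchar(260)
DECLARE @pos  int

SET @db   = N'ePO_NIC-800000-EPO1'
-- Placeholder: replace with the destination path chosen for the backup.
SET @file = N'<backup-directory>\ePO_NIC-800000-EPO1.bak'

-- 1. "Check database integrity", performed before the backup so that a
--    damaged database is not backed up unnoticed.
DBCC CHECKDB (N'ePO_NIC-800000-EPO1') WITH NO_INFOMSGS
IF @@ERROR <> 0
BEGIN
    RAISERROR ('Integrity check reported errors; backup not taken.', 16, 1)
    RETURN
END

-- 2. "Update the statistics used by the query optimizer"
--    (sp_updatestats is this example's choice for that step).
EXEC sp_updatestats

-- 3. Complete database backup. NOINIT corresponds to "Append to media":
--    the new backup set is added after the existing ones in the file.
BACKUP DATABASE @db
    TO DISK = @file
    WITH NOINIT,
         NAME = N'Epo_nic-800000-EPO1 backup',
         STATS = 10
IF @@ERROR <> 0
BEGIN
    RAISERROR ('Backup failed.', 16, 1)
    RETURN
END

-- 4. Verify the backup set just written (added step). Because the file
--    holds several appended sets, look up the position of the newest one
--    in the msdb backup history instead of verifying the first set.
SELECT TOP 1 @pos = bs.position
FROM msdb.dbo.backupset AS bs
JOIN msdb.dbo.backupmediafamily AS mf
     ON mf.media_set_id = bs.media_set_id
WHERE bs.database_name = @db
  AND bs.type = 'D'                       -- 'D' = complete database backup
  AND mf.physical_device_name = @file
ORDER BY bs.backup_finish_date DESC

RESTORE VERIFYONLY FROM DISK = @file WITH FILE = @pos
```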

END
