cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 5
‎02-10-2017 06:19 AM

SA 5 P5 Install With Open Browsers

Good day,

The release notes and my limited experience installing SA 5 P5 say installing it with open browsers is not a good idea.  It would appear an uninstall is required to fix the problems caused by an open browser, which brings more pain.  The environment is such I cannot force browsers to close, nor do I have a easy way to find open browsers in a query.  Moving to ENS requires more pain and time than I have available to devote to the task.

Q1. Can McAfee develop a patch which will install without having to close browsers?

Q2.  Why did the installation switches change on P5?  /silent does not appear to work any more.

Thanks,

DocB

0 Kudos
Reply
4 Replies
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 5
‎02-13-2017 02:45 AM

Re: SA 5 P5 Install With Open Browsers

1. If the ePO package installation of SAE detects any of the three supported browsers to be open, it creates a RunOnce task for the SAE installation to continue after reboot. But the install task is considered as a failure (only if) the installation task is not running as “SYSTEM”. 


If the installation is running under the context of a user, a message box is displayed to alert the user, informing that the installation will resume after reboot.  There is no force-closing of the browser.


Which method are you using to roll out the SAE install? If you're still seeing issues, the SAE debug logs (if upgrade scenario), SAE install / upgrade / uninstall logs, ProcMon logs would be required.

2.No switches have been changed in the installer for Patch 5.  The SAE installer by itself doesn’t make use of any of the switches;  it receives and passes over the switches to MSI. The standard MSI switch for silent mode is /q

0 Kudos
Reply
wyrm
Level 10
Report Inappropriate Content
Message 3 of 5
‎02-13-2017 05:13 AM

Re: SA 5 P5 Install With Open Browsers

SiteAdvisor/Web Adviser is definitely a huge pain to administer.  I've had tons of issues over the years with failed/broken installs when trying to push via ePolicy when browsers are open.  I ended up submitting a product enhancement request a while ago, requesting malicious website blocking be handled without a browser plugin.  Sophos and Fortinet, for example, can inject URL "block" messages into web browsers without the need for such plugins.  Fingers crossed that this will be implemented in the near future.

0 Kudos
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 4 of 5
‎02-13-2017 05:59 AM

Re: SA 5 P5 Install With Open Browsers

McAfee Client Proxy is a separate product that does browser control without a browser plugin.

There is a SAE removal tool that is ePO deployable. Earlier patch versions of SAE could see issues with upgrades due to VSE access protection. You can also try disabling access protection and do the upgrade again.

0 Kudos
Reply
wyrm
Level 10
Report Inappropriate Content
Message 5 of 5
‎02-13-2017 06:17 AM

Re: SA 5 P5 Install With Open Browsers

I appreciate the input, but controlling access protection policies for 30,000+ machines is a management nightmare as well as a security risk.  We also have very limited resources for ePolicy management.

MCP is integrated into ENS 10.5, but we still need Web Advisor for blocking because we're not licensed for MWG.  I feel like we shouldn't have to pay additional licensing for a web gateway solution to have this plugin-less functionality.

0 Kudos
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC