We are migrating from one encryption product to MDE 7.1.
We are going to deploy MDE along with EEGO. When EEGO sees that the old encryption is no longer on the system, it should prompt MDE to start encrypting the drive.
We can remotely start removing the old encryption product however, it takes 3 reboots to fully remove the old product.
After sending the uninstallation command for the old product, it takes 1 reboot to start decrypting the drive, another reboot after the drive has been decrypted to start removing the old encryption software and a third reboot to finish removing the old software.
MDE will not start encrypting before this is done. So, if we start removing the old product and the user takes a long time (days or weeks) to complete the required 3 reboots, the system data will be at risk on an unencrypted drive for a long period of time.
Is there any ePO query that can be run and set to trigger reboot prompts until all the reboots required to allow MDE encryption to begin have been completed?
We are using ePO 4.6.9 and agent 4.8.
You can use the option in McAfee Agent general policy.
I'm not seeing how to use that option and apply it only to the systems that are in the process of migrating from the old encryption to the new. We do not want to change the reboot policy for everyone. We just need the reboots for this specific product deployment.
I'd like to configure this with a query result and client tasks or server tasks to fully automate this.
Maybe a query that finds all the systems with the old encryption product still installed after we send the uninstallation file to those systems, pushes drive encryption agent to the system and then prompts the user to reboot. After that reboot is completed, install drive encryption product and prompt for reboot 2. After the second reboot is complete push EEGO and prompt for reboot 3. That would be one way to do this that would allow the users to control reboots.
If it cannot be done that way or users ignore the reboot prompts and take no action, then our next choice would be to just schedule the reboots of the systems still with the old encryption product.
To do it this way, we could do the following:
1. Copy the uninstallation trigger file to all systems with old encryption product via our AD Group Policy (assuming there is no way for ePO to do this).
2. Use ePO to query systems that do not have MDE active and also still have the old encryption product installed.
3. Send email notification to users of the computers in the query results telling them their workstations will reboot automatically every morning for the next 3 days.
4. Schedule push of MDE agent to systems in the query results on day 1 at 3AM with forced reboot.
5. Schedule push of MDE client on day 2 at 4AM with another forced reboot. This installation should only happen on systems that have the MDE agent successfully installed and not the MDE product.
6. Schedule push of MDE EEGO on day 3 at 5AM with another forced reboot. This installation should only happen on systems that have both MDE agent and MDE client successfully installed, but still missing EEGO.
How could this be automated?
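The phased selection described in both posts above (which systems are due for the agent, client or EEGO push, and which are sitting unprotected while the old product is gone and MDE is not yet active) can be modelled as a small staging function. The following is an added example, not code from the thread and not an ePO API: the inventory records and their field names (`old_product`, `mde_agent`, `mde_client`, `eego`, `mde_active`) are constructed stand-ins for the system properties an ePO query would return.

```python
"""Staging logic for a three-phase encryption migration.

Added example modelling the forum post's queries over a constructed
inventory. It is not an ePO API; the field names below are assumptions
standing in for ePO system properties.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Host:
    name: str
    old_product: bool   # legacy encryption product still installed (assumed property)
    mde_agent: bool     # MDE agent installed (assumed property)
    mde_client: bool    # MDE client installed (assumed property)
    eego: bool          # EEGO installed (assumed property)
    mde_active: bool    # MDE reports the drive encrypting/encrypted (assumed property)


def phase_for(host: Host) -> Optional[str]:
    """Return the scheduled push (with forced reboot) a host is due for.

    Mirrors the post's ordering: agent first, then client only where the
    agent is present, then EEGO only where agent and client are present.
    """
    if host.mde_active:
        return None                     # migration finished, leave the host alone
    if not host.mde_agent:
        return "day1_mde_agent"
    if not host.mde_client:
        return "day2_mde_client"
    if not host.eego:
        return "day3_eego"
    return "awaiting_eego_trigger"      # all pieces present; EEGO should start encryption


def exposure_report(hosts: List[Host]) -> List[str]:
    """Hosts with neither product protecting the drive right now.

    This is the window the post worries about: the old product has been
    removed but MDE has not started encrypting yet.
    """
    return [h.name for h in hosts if not h.old_product and not h.mde_active]


def plan(hosts: List[Host]) -> Dict[str, List[str]]:
    """Group hosts by the push they are due for, skipping completed ones."""
    out: Dict[str, List[str]] = {}
    for h in hosts:
        phase = phase_for(h)
        if phase is not None:
            out.setdefault(phase, []).append(h.name)
    return out


# Constructed sample inventory (not real systems).
SAMPLE_HOSTS = [
    Host("ws01", old_product=True,  mde_agent=False, mde_client=False, eego=False, mde_active=False),
    Host("ws02", old_product=True,  mde_agent=True,  mde_client=False, eego=False, mde_active=False),
    Host("ws03", old_product=False, mde_agent=True,  mde_client=True,  eego=False, mde_active=False),
    Host("ws04", old_product=False, mde_agent=True,  mde_client=True,  eego=True,  mde_active=True),
]

if __name__ == "__main__":
    for phase, names in sorted(plan(SAMPLE_HOSTS).items()):
        print(f"{phase}: {', '.join(names)}")
    print("unprotected right now:", ", ".join(exposure_report(SAMPLE_HOSTS)))
```

Running it against the constructed inventory lists `ws01` for the day 1 agent push, `ws02` for the day 2 client push, `ws03` for the day 3 EEGO push, and flags `ws03` as the only host currently unprotected, which is the set you would want a reboot prompt or notification to keep chasing.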