Release Notes for McAfee Agent 4.5

About this document

Thank you for using McAfee® Agent 4.5 software. This document contains important information about this release. We strongly recommend that you read the entire document.

Installation instructions can be found in the McAfee Agent 4.5 Product Guide.

Refer to online KnowledgeBase article KB66152 at http://knowledge.mcafee.com for the most current information regarding this release.

If you are installing McAfee Agent 4.5 for use with ePolicy Orchestrator 4.0, you must first apply ePolicy Orchestrator Patch 4. To obtain the patch, follow these instructions:
  1. Use your browser to access the McAfee Beta download site: http://www.mcafee.com/us/enterprise/downloads/beta/index.html
  2. Select My Products-Downloads.
  3. Type your grant number and click Submit.
  4. Click View Available Downloads.
  5. Under Management Solutions, select ePolicy Orchestrator v4.0.0.
  6. Click I Agree.
  7. Under ePolicy Orchestrator v4.0.0 - Ver 4.0.0 Patch 4 download ePO400P4.Zip.

New features

New and updated features in the McAfee Agent 4.5 release are described below:

Update Now

The Update Now action provides the following new functionality:
  • Updating selected systems when troubleshooting.
  • Distributing new DATs or signatures to all or selected systems immediately.
  • Updating selected point-products that have been deployed previously.
NOTE: This feature requires ePolicy Orchestrator 4.5.

Policy Assignment Rules

Managed products that are designed to work with this feature can specify which policies to apply to the currently logged-on user. These user-based policies are applied in addition to your current policies.
NOTE: This feature requires ePolicy Orchestrator 4.5.

Communication security enhancements

When used with ePolicy Orchestrator 4.5, all agent-server communications are encrypted with Transport Layer Security (TLS), the industry standard high-encryption protocol. Communications include the following:
  • Agent-server communication
  • Event uploading
  • Update Now actions
  • Authentication and authorization
  • Bulk data transfers
All encryption is 128-bit strength and, except for Mac OS X is FIPS 140-2 compliant.
NOTE: This feature requires ePolicy Orchestrator 4.5.

Performance Improvement

Policy enforcement functions have been redesigned to reduce CPU consumption.

Improved methodology for identifying nearby repositories

The previous method of determining the closest repository sometimes identified very remote repositories. Now when you choose to connect with the nearest repository, this improved method defines the shortest distance as the repository that requires the fewest "hops," or portions of the route between source and destination.

Data Execution Prevention

The agent is compatible with Windows operating systems that provide Data Execution Prevention (DEP).

Custom properties

When installing the agent from the command line, four custom properties can be included. This feature allows custom properties to be reported back to the ePO server, and displayed in the system properties. This information can be used with the ePolicy Orchestrator tagging feature as well.
  • In Windows environments, custom properties can also be specified directly in the editable registry key HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\CustomProps\
  • On UNIX-based systems, custom properties can be specified in the editable file /McAfee/cma/scratch/CustomProps.xml.

IPv6 compatibility

The agent is fully compatible with IPv6 in both native and mixed environments, including:
  • Native IPv4
  • Native IPv6
  • Mixed IPv4 and IPv6

System tray icon

The McAfee system tray icon has been redesigned and now includes these features:
  • Links to frequently used menu items of managed products, which are integrated with the tray icon.
  • Links to the administrative console of managed products.
  • Immediate updating of all the installed McAfee point-products, (if enabled).
  • Launching scans by McAfee programs, such as VirusScan Enterprise or McAfee Network Access Control.
  • Displaying the current system status of managed products, including current events and event history. This information can be copied and saved to the clipboard for inclusion in a text file.
  • Direct linking to the Agent Status Monitor, as an alternative to the previous command-line procedure. The Monitor includes buttons that trigger the collection and transmission of properties; downloading and enforcing policies; and the transmission of event information.

Known issues

Known issues in this release of the software are described below:

Managed product compatibility issues


  • McAfee Agent 4.5 is not currently supported by VirusScan for Mac and LinuxShield products. (456562, 456447)
  • In order to enable support for McAfee Host Intrusion Prevention 7.0 on SELinux, you must run the following command:
    chcon -t textrel_shlib_t /opt/McAfee/cma/bin/libeventinterface.so.4.0

Upgrade issues


  • When upgrading non-Windows systems to the McAfee Agent 4.5, you must use the ePolicy Orchestrator deployment task to perform the upgrade if HIPS 7.0 is installed. (481173)

Agent communication issues


  • Clicking Show Agent log for a managed system might not show the agent log file. If you are unable to view the agent log file verify that McAfee Agent policy settings are configured so that the Accept connections only from ePO server option is unchecked (McAfee Agent Policy Pages, General tab) and the Enable remote access to log option is checked (McAfee Agent Policy Pages, Logging tab). (447579)
  • In cluster environments with more than one cluster server managed by ePolicy Orchestrator, agent communications report the cluster IP address instead of the node IP address. This can cause a problem when one node fails over and a passive node becomes active. When this scenario occurs, the ePO server can no longer communicate with the passive node because it has the wrong IP address. The IP address is corrected automatically at the passive node's next agent-server communication. (360552)
  • If you downgrade from ePolicy Orchestrator version 4.5 to version 4.0, you must redeploy your agents. (487890)
  • When moving systems between Agent Handlers, systems become unresponsive until the next agent initiated agent-server communication. To workaround this issue, add the ePO server as the last entry on Agent Handler Assignment list. Doing so ensures you can maintain communication with the agent. (455083)

Product update issues


  • The branch updating feature is only enabled for deployments of full product, full engines, and product content. For example, DATs and signatures. (487805)

Proxy authentication issues


  • If the primary proxy authentication fails when updating from an HTTP repository, the agent does not use the alternate proxy. (467784)
  • When upgrading the McAfee Agent to version 4.5 from version 4.0, you might receive an erroneous log message in the Agent log stating that "New MAC address was found...regenerating Agent ID." This message can be disregarded. No new MAC address was found and a new Agent ID was not generated. (486102)

Policy Assignment Rules issues


  • In order to use the Policy Assignment Rules feature in ePolicy Orchestrator 4.5 to create user based policies on systems running Windows Server 2003 64-bit or Windows XP 64-bit, you must install Windows Service Pack 2 and the Microsoft Hot Fix released in the following Microsoft KB article: http://support.microsoft.com/kb/967587. (360552)

System Tray issues


  • When running 64-bit operating systems, some managed product icons might appear outside of the McAfee System Tray icon. (486449)
  • The System Tray icon might not appear on VMware systems running Windows 2008 Service Pack 2. (487483)

Documentation issues


  • Context-sensitive help for the McAfee Agent Policy pages Proxy tab states that both Do not use a proxy and Use Internet Explorer settings (Windows only) are default settings. Do not use a proxy is the default setting. (450041)

Finding documentation for McAfee enterprise products

To access the documentation for your McAfee products, use the McAfee ServicePortal.


  1. Go to the McAfee ServicePortal (http://mysupport.mcafee.com) and, under Self Service, click Read Product Documentation.
  2. Select a Product.
  3. Select a Version.
  4. Select a product document

Product documentation by phase

McAfee documentation provides the information you need during each phase of product implementation, from installing a new product to maintaining existing ones. Depending on the product, additional documents might also be available. After a product is released, information regarding the product is entered into the online KnowledgeBase, available through the McAfee ServicePortal.

Installation phase — Before, during, and after installation
  • Release Notes
  • Installation Guide
Setup phase — Using the product
  • Product Guide
  • Online Help
Maintenance phase — Maintaining the software

License attributions

For a complete list of third-party license attributions, see the license.txt file. This file is included at the root of the product download zip file and, in default installations, at:
  C:\Program Files\McAfee\Common Framework
COPYRIGHT

COPYRIGHT

Copyright © 2008 McAfee, Inc. All Rights Reserved.

No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.

TRADEMARK ATTRIBUTIONS

TRADEMARK ATTRIBUTIONS

AVERT, EPO, EPOLICY ORCHESTRATOR, FLASHBOX, FOUNDSTONE, GROUPSHIELD, HERCULES, INTRUSHIELD, INTRUSION INTELLIGENCE, LINUXSHIELD, MANAGED MAIL PROTECTION, MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, MCAFEE.COM, NETSHIELD, PORTALSHIELD, PREVENTSYS, PROTECTION-IN-DEPTH STRATEGY, PROTECTIONPILOT, SECURE MESSAGING SERVICE, SECURITYALLIANCE, SITEADVISOR, THREATSCAN, TOTAL PROTECTION, VIREX, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.

LICENSE INFORMATION

LICENSE INFORMATION

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.