EPO | ePolicy Orchestrator Archives - Page 2 of 2

Azure ENS | Endpoint Security EPO | ePolicy Orchestrator Exchange 2013 Exchange 2016 Exchange 2019 M365 - Exchange Online M365,AZURE,INTUNE Mcafee/Trellix Microsoft Exchange SECURITY

M365, Exchange Online Remote Powershell blocked by T1056 Mitre Trellix

04.04.2023 admin

Trellix ENS 10.X, T1056 – Key capture using PowerShell detected, Host intrusion buffer overflow ExP:Illegal API Use Blocked an attempt to exploit C:\WINDOWS\SYSTEM32\WINDOWSPOWERSHELL\V1.0\POWERSHELL.EXE, which targeted the GetAsyncKeyState API. For efficient M365 and Exchange Online management, there are various methods available. While utilizing the PowerShell button within the Admin Portal is one option, it requires an Azure […]

EPO | ePolicy Orchestrator SQL

Trellix and McAfee EPO Server SQL Server Performance tips

19.10.2021 admin

Database Configuration: Ensure the following settings for the EPO Database: Autoshrink: False Auto Close: False Auto Update Statistics: True These settings prevent unnecessary shrinking and closing of the database, while maintaining up-to-date statistics for efficient performance. Customization for Rare Circumstances: While Auto Update Statistics is generally recommended as true, there might […]

EPO | ePolicy Orchestrator Mcafee/Trellix SQL

McAfee EPO Server SQL Server Performance tips

04.07.2018 admin

McAfee EPO Server SQL Server Performance tips This is based on McAfee Information for their McAfee EPO DB running under SQL 2005/2008R2/2012 upwards The EPO Database itself should be: Autoshrink = False Auto Close = False Auto update Statistics = True Auto shrink and auto close are database options that should be set to false. […]

CRUNCH EPO | ePolicy Orchestrator Mcafee/Trellix Microsoft Server OS SECURITY Uncategorized

MCAFEE 5.3.3 Certificate – Cipher Suites TLS problem- Agent does not report back

16.10.2017 admin

Mcafee EPO Server 5.3.3 seems to have problems on some older OS like 2008R2 regarding TLS ciphers (We did not see this in 2012R2 to date with our customers). The A-Z sort order of those is the source. This had such an impact that Mcafee did release this info to all customer with SNS-Alert. This […]

EPO | ePolicy Orchestrator FW Fortigate FW Sophos Mcafee/Trellix SECURITY

2018 McAfee Agent, Framework, EPO Firewall Ports

03.07.2017 admin

It’s improtant to understand that the McAfee Agent itself DOES OPEN all needed OS Windows Firewall Ports for you automatic. You can see those under “macmnsvc”. But it’s Important to keep track of physical Firewall Ports and if you separate Clients or Server from the EPO with a Perimeter Firewall or VLAN-Firewall. McAfee Agent: This […]

ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix Uncategorized

Ransomware: How to integrate the WannaCry EXTRADAT in EPO or McAfee ENS client

13.05.2017 admin

12.05.2017 Urgent Release FRIDAY, Wana Decrypt0r | Wana Decryptor | WanaDecryptor@.exe https://kc.mcafee.com/corporate/index?page=content&id=KB89335 EXTRADAT: https://kc.mcafee.com/resources/sites/MCAFEE/content/live/CORP_KNOWLEDGEBASE/890 00/KB89335/en_US/EXTRA.zip EXTRA.zip McAfee is aware that several customers are impacted by a new ransomware. Ransom-WannaCry (also known as WannaCry, WCry, WanaCrypt and WanaCrypt0r) is encrypting files with the .wnry, .wcry, .wncry, and .wncryt extensions. Encryption is occurring on the local […]

EPO | ePolicy Orchestrator Exchange 2010 Mcafee/Trellix Microsoft Exchange MSME | Security for Exchange

Mcafee Security for Exchange 8.5 Patch 1 Update fails on 2010 SP3 CAS with HUB roll

19.10.2016 admin

Problem: Mcafee Security for Exchange 8.5 Patch 1 Update fails on 2010 SP3 CAS with HUB roll Product: McAfee Security for Microsoft Exchange — Error 1920.Service MSExchangeIS (MSExchangeIS) failed to start. Verify that you have sufficient privileges to start system services. Migration Groupshield Mcafee Security for Exchange 8.6 to Patch 1 We first thought this was related […]

ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix Scripting Uncategorized

Mcafee EPO prevent exe RUNNING FROM %appdata%

14.07.2015 admin

Mcafee EPO prevent exe RUNNING FROM %appdata% folders with an Access protection Policy How to protect from most 0day Flash Exploits and malware like Ransom Cryptowall in summer 2015. You simply can’t keep up with patching even with deployment or Management solutions in place. Now you should have an IPS Filter like Fortigate with Fortiguard. […]

EPO | ePolicy Orchestrator Mcafee/Trellix

MCAFEE: Hotfix VSE88HF793640 per EPO verteilen

21.08.2012 admin

www.butsch.ch Diese Anleitung beschreibt wie man einen HOTFIX auf einem MCAFEE EPO Server 4.5/4.6 integriert und alle Systeme oder eine bestimmte Gruppe verteilt. Als Beispiel den Patch/Hotfix vom 21.08.2012 für Mcafee VSE 8.8. https://kc.mcafee.com/corporate/index?page=content&id=KB76004 DAT 6807/6808 Causing Issues with VSE 8.8.x Inhalt Hotfix Paket einchecken 1 Distribute/Update an alle Endpoints im Netz 2 Distribute/Update PRO Untergruppe […]

EPO | ePolicy Orchestrator Mcafee/Trellix SQL

Mcafee Framework 4.6 and EPO Migrarion from SRV 2003R2 to 2008R2

26.07.2011 admin

Mcafee Framework 4.6 is out Please check the 4 important Hotfixes which may seem important if you have “MS Malicious Software Removal Tool” installed. https://kc.mcafee.com/corporate/index?page=content&id=KB72202 1 Install/deploy Framework 4.62 Install HF660014 3 Install HF660568 Migration from Server 2003R2 32BIt to Windows Server R2008 R2 64bit (Same Server Name a must) Mcafee KB66616 (OS=OS) und KB71078 (OS !=OS). Sollte […]

EPO | ePolicy Orchestrator Mcafee/Trellix WSUS

Mcafee EPO Framework 4.5 SP2 Update

18.05.2011 admin

Nebst vielen anderen Punkten behebt das SP2 zwei wichtige Punkte die den Update rechtfertigen: 15. Issue: When the agent polled for messages from the server, the CPU utilization was high on systems with a large number of CPUs, because the number of polling threads was proportional to the number of CPUs. (Reference: 566481) Resolution: […]

EPO | ePolicy Orchestrator Mcafee/Trellix SQL

Mcafee EPO Server 4.5 Upgrade to 4.6 mit SQL Express 2005 SP2 to SP4

13.04.2011 admin

Mcafee EPO Server 4.5 Upgrade to 4.6 mit SQL Express 2005 SP2 to SP4 Here are some hints to Upgrade an EPO 4.5 to 4.6 running on Windows Server 2003R2 with Existing SQL Express 2005 Before SP3 1) Backup your Mcafee EPO Server with Acronis or Imaging tool. It once has failed at a […]

Deployment EPO | ePolicy Orchestrator Mcafee/Trellix SQL

Mcafee EPO Server 4.X Database or Space growing EPOevents

24.03.2011 admin

Problem: VMWARE Monitoring Events from “Vmware Converter and Tools” fill the EPO Database rapidly (1GB/Hour). delete from EPOEvents where DetectedUTC < ‘YYYY-MM-DD’delete from EPOEvents where DetectedUTC < ‘2011-01-01’ SOLUTION: Run this SQL Script once a week to get rid of the problem This is a batch File which you run from Schedule: osql -S FHSEPO01\EPOSERVER […]

Category: EPO | ePolicy Orchestrator