ePO

How to deploy ENS, only to Windows 10 systems with MA 5.0.4 installed

The following procedure is to install ENS, only on systems that meet the following requirements:

  1. OS must be Windows 10.
  2. McAfee Agent 5.0.4 must be installed.

For this procedure we are going to create the following:

  • Tag: The tag will be assign only to systems that meet the requirements (Windows 10 & MA 5.0.4).
  • Query: The query will provide a list of systems with that meets the above requirements.
  • Server task: The server task will run the query above and apply the tag to systems from the query results.
  • Client Task: The client task will install ENS only to systems with the tag created on the first step.

First we are going to create the TAG we will be using to install ENS.

  1. Open ePO console and go to Menu>System and select “Tag Catalog“.
  2. Click on “New Tag“.
  3. Name the tag, for this example we are going to name it “ENS4Win“.
  4. Leave criteria blank and click “Next“.
  5. Leave evaluation blank and click “Next“.
  6. Next click “Save“.
  7. You should be able to see the tag we just created on the list.

Next we are going to create a query that will check that MA 5.0.4 and Windows 10 is installed.

  1. Once the tag has been created click on “Queries and Reports
  2. Click on “New Query“.
  3. On the Result Types tab under Feature group select “Systems Management” and in “Result Types” select “Managed Systems” then click “Next“.
  4. On the Chart tab under Chart Types, you must scroll down and select “Tables” then click “Next“.
    Note: if Tables is not selected in Chart Type, the query will not work for our server task.
  5. On Columns tab under Available Columns, scroll down and select “Product Version (Agent)“.
  6. Once the column for “Product Version (Agent)” is added click “Next“.
  7. On the Filters tab scroll down and select “OS Type“.
  8. On OS type select “Equals” and then click on the “” menu.
  9. A window will pop up letting you choose from existing values, select “Windows 10”.
    Note: You will only see the OS types that has been reported by MA. If the OS type you want is not here, you must first install MA on a system that has the OS you need.
  10. Next click “Run“, to check if we get a list of systems with the requirements we need.
  11. In this example I only have one system that meets the requirements, click “Save”.
  12. Name the query something easy to find, in this example I called it “Install ENS“, then click “Save“. Note: Take note of the Query Group that this query is been created, as this information will be needed when creating the server task.
  13. Do a quick search for the query you just created. Type “ENS” and then “Apply“, you should find the query we just created in the query result page.

Next we are going to create a server task that will run query and apply tag to all systems, based on the query results.

  1. In ePO go to Menu>Automation> and select “Server Task“.
  2. Then click on “New Task“.
  3. Name server task something easy to remember. For this example I will be using the name “Assign ENS Tag“, make sure “Schedule status” is set to enable then click “Next“.
  4. On Actions, select Run Query, then click on “…”, to bring up the menu.
  5. A window will popup, on the tab “Private Groups” you will find the query we created, select query “Install ENS” and click “OK“. Note: The query was created in Private Groups on previews steps.
  6. On Sub-Action click “…” to bring up the sub menu.
  7. Next a window will pop, select “Apply Tag“, then click the “Ok” button.
  8. Now on tag click on “…” again.
  9. On the pop up windows select the tag we created “ENS4Win” then click “OK“.
  10. On the next Window select when you would like to run server task, for this example I am using “Daily“, this option the task will only run once a day. Then click “Next“.
  11. Next click “Save“.
  12. Find the server task we just created, and click “Run“, so the tag can be applied to the systems that meet our criteria.
  13. Make sure task completes, and then click on the task.
  14. You should be able to see a list of systems the tag was applied too, then click “Close“.
  15. In the following example, under the System Tree we can see there are 2 Windows 10 machines. Only one has MA 5.0.4 and only that system has the tag we ENS4Win. The second system did not have MA 5.0.4 installed, therefore, did not meet the criteria and the tag was not  applied.

Next we are going to create a client task that will install ENS to systems with the tag “ENS4win”.

  1. To assign the client task by tag, click on the group we want to assign the client task, then go to the tab “Assigned Clint Task“.
  2. Then click on Actions>New Client Task Assignment.
  3. For product select “McAfee Agent“, on task type select Product Deployment, and then click on “Create New Task“.
  4. Name the task, and select the products to install, for this example we are using ENS platform, Threat Prevention, Firewall and Web Control, then click “Save“.
  5. Under the Tags area select “Send this task to only computer which have the following criteria“. then click on the edit link next to “Has any of these tags“.
  6. On the next windows select the tag we created, for this example I’ve selected “ENS4Win“, then click “OK“.
  7. Click “Next“.
  8. Select the schedule type, for this example I will be using “Daily“, then click “Next“.
  9. On the summary page click “Save“.

This completes this tutorial. Next time the client task is run, it will only install ENS to systems with the tag “ENS4Win“. If you have any questions or comments, feel free to send me a message.

3 thoughts on “How to deploy ENS, only to Windows 10 systems with MA 5.0.4 installed

  1. Hello your MCAFFE EPO Blog is super pls add more topic on this , like for installation what is requirement and pla explain MCAFFE EPO infrastructure diagram , and adding AD in EPO server and how encryption systems

Leave a Reply

Your email address will not be published. Required fields are marked *