Installation Guide McAfee® ePolicy Orchestrator® 4.6.
COPYRIGHT Copyright © 2011 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.
Contents Preface 5 About this guide . . . . . . . . . . . . . . . . Audience . . . . . . . . . . . . . . . . Conventions . . . . . . . . . . . . . . . What's in this guide . . . . . . . . . . . . Finding product documentation . . . . . . . . . . 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Installation requirements and recommendations . . . . .
Contents 5 Troubleshooting and log file reference 39 Common installation messages, and their causes and solutions . . . . . . . . . . . . . . . 39 Default locations of troubleshooting log files . . . . . . . . . . . . . . . . . . . . . . . 41 Index 4 McAfee® ePolicy Orchestrator® 4.6.
Preface This guide provides the information you need to install your McAfee product. Contents About this guide Finding product documentation About this guide This information describes the guide's target audience, the typographical conventions and icons used in this guide, and how the guide is organized. Audience McAfee documentation is carefully researched and written for the target audience.
Preface Finding product documentation What's in this guide This guide is organized to help you find the information you need. It is organized into chapters that group relevant information together by task, so you can go directly to the topic you need to successfully complete your installation.
1 Installation requirements and recommendations Your environment needs to include specific hardware and software to runMcAfee ePolicy Orchestrator 4.6. Review these requirements and recommendations before installing your McAfee ePO software to ensure that your installation is successful.
1 Installation requirements and recommendations Software requirements and recommendations Table 1-1 Hardware requirements and recommendations (continued) Component Requirements and recommendations Network Interface Card (NIC) 100 Mb or higher If using a server with more than one IP address, ePolicy Orchestrator software uses the first identified IP address.
Installation requirements and recommendations Supported server-class operating systems 1 Table 1-2 Software requirements and recommendations (continued) Software Requirements and recommendations Security software Recommended. • Install and/or update the anti-virus software on the server and scan for viruses. • Install and/or update firewall software on the server. If McAfee VirusScan® Enterprise 8.5i or 8.
1 Installation requirements and recommendations Supported virtual infrastructure software Operating system language ePolicy Orchestrator software runs on any supported operating system regardless of the language of the operating system. The ePolicy Orchestrator user interface has been translated into the languages in the following list. When the software is installed on an operating system using a language that is not on this list, the interface attempts to display text in English.
Installation requirements and recommendations Supported Internet browsers 1 Required SQL Server configuration settings ePolicy Orchestrator software requires some specific SQL Server configuration settings. For information about working with these settings, see your SQL Server documentation. Table 1-5 Required SQL Server configuration settings Configuration Details Nested triggers The SQL Server Nested Triggers option must be enabled.
1 Installation requirements and recommendations Supported and unsupported products Supported and unsupported products Review the products ePolicy Orchestrator supports before completing your installation or upgrade. To view an updated list of supported and unsupported products, see one of the following KnowledgeBase articles: 12 • McAfee ePO Supported Products — KB69814 (https://kc.mcafee.com/corporate/index? page=content&id=KB69814) • McAfee ePO Unsupported Products — KB69815 (https://kc.mcafee.
2 Installing McAfee ePolicy Orchestrator software ePolicy Orchestrator software is installed on a Microsoft Windows server-class operating system using the ePolicy Orchestrator InstallShield Wizard. The InstallShield Wizard walks you through the configuration steps required to get ePolicy Orchestrator software running. Once you complete the installation process, you can start using the software immediately to get your managed environment set up. Refer to the ePolicy Orchestrator 4.
2 Installing McAfee ePolicy Orchestrator software Things to know before installation Table 2-1 Installation options Installation option Details Express The most direct installation path. Use this option if you want to accept McAfee's default installation settings. Custom Customize your installation.
2 Installing McAfee ePolicy Orchestrator software Things to know before installation • A supported SQL Server (optional for Custom installations, required for Cluster installations). • If you're using a new SQL Server installed manually, or an existing SQL Server you might need to provide the following details during the installation process (depending on your configuration), on the Database Information page: • The name of your SQL Server.
2 Installing McAfee ePolicy Orchestrator software Performing Express installation About HTTP port options The ports used by ePolicy Orchestrator software are predefined, and populated by default. Most port designations can be changed only during the installation process. Review the following table for details about which port assignments you can modify.
2 Installing McAfee ePolicy Orchestrator software Performing Express installation Task 1 Using an account with local administrator permissions, log on to the Windows server computer to be used as the ePolicy Orchestrator server. 2 Run the Setup program. • From the product CD: select a language in the ePolicy Orchestrator autorun window, then select Install ePolicy Orchestrator 4.6. • From software downloaded from the McAfee website: extract files to a temporary location and double-click Setup.exe.
2 Installing McAfee ePolicy Orchestrator software Performing Custom installation Performing Custom installation During Custom installation you can modify the installation process at each step. You can specify destination folders and ports using this option. Before you begin Be sure that you have read, understood, and complied with the information in Installation requirements and recommendations.
2 Installing McAfee ePolicy Orchestrator software Performing Custom installation 5 In the Choose Database Option step, select one of the following and click Next: • Microsoft SQL Express — Automatically installs SQL Server 2005 Express to the default location defined by Microsoft (C:\Program Files\Microsoft SQL Server). • Microsoft SQL Server — To specify a previously installed SQL database server.
2 Installing McAfee ePolicy Orchestrator software Performing Cluster installation 9 In the HTTP Port Information step, review the default port assignments. Click Next to verify that the ports are not already in use on this system. You can modify some of these ports at this time. Once your installation is complete, you can change only the Agent wake-up communication port and Agent broadcast communication port.
2 Installing McAfee ePolicy Orchestrator software Performing Cluster installation Table 2-3 Cluster installation terminology (continued) Term Definition ePO Virtual Network Name resource The Network Name resource that you create as part of the ePolicy Orchestrator cluster installation. This virtual Network Name represents the McAfee ePO cluster installation as a whole. References to this Network Name point to the currently active node in your cluster.
2 Installing McAfee ePolicy Orchestrator software Performing Cluster installation Tasks • Creating the ePolicy Orchestrator application group on page 22 The ePolicy Orchestrator application group is required to separate the ePolicy Orchestrator application from the Microsoft Cluster Services in your cluster environment. • Adding the data drive on page 22 The data drive is the location where you install the ePolicy Orchestrator software. Use a remote drive that all nodes in your cluster can access.
Installing McAfee ePolicy Orchestrator software Performing Cluster installation 2 4 Ensure that ePO is the selected group, then click Next. 5 In the Possible Owners dialog box, identify the owners of the resource. Select the desired node, then click Add. Repeat until all owners are added, then click Next. 6 In the Dependencies dialog box, click Next. 7 In the Disk pull-down list, select the disk and click Finish.
2 Installing McAfee ePolicy Orchestrator software Performing Cluster installation Task 1 Double click Setup.exe in the installation folder. 2 Follow the wizard until you reach the Setup Type page, then select the Cluster option and click Next. 3 In the Choose Destination Location page, specify the path for the shared data drive and click Next. Use this same path for each node.
Installing McAfee ePolicy Orchestrator software Performing Cluster installation 2 6 In the Dependencies dialog box, specify the dependency for each service. Refer to the Generic Service resource configurations table above for each dependency. 7 In the Generic Service Parameter dialog box, type the Service Name for each service. Leave the Start Parameters field blank, then click Finish.
2 Installing McAfee ePolicy Orchestrator software Performing Cluster installation 3 Click Next to allow the Client Access Point to be configured, then click Finish when the wizard is complete. 4 If the Client Access Point is offline, right-click the name and choose Bring this resource online. Adding the data drive The data drive is the location where you install the ePolicy Orchestrator software. Use a remote drive that all nodes in your cluster can access.
2 Installing McAfee ePolicy Orchestrator software Performing Cluster installation Table 2-5 Generic Service resource configurations Resource Properties: General tab Properties: Dependencies tab ePolicy Orchestrator 4.6.0 No changes necessary Application Server Data drive ePolicy Orchestrator 4.6.0 Remove the Startup parameters and add a Server blank space. ePolicy Orchestrator 4.6.0 Application Server Apache will not start with any startup parameters specified, and an empty entry is not permitted.
2 Installing McAfee ePolicy Orchestrator software Performing remote Agent Handler installation Performing remote Agent Handler installation Each ePolicy Orchestrator server contains a master Agent Handler. Installing additional remote Agent Handlers can help manage an increased number of products and systems managed by a single, logical ePolicy Orchestrator server in situations where the CPU on the database server is not overloaded.
Installing McAfee ePolicy Orchestrator software Completing a first-time installation 6 2 The Server Information step opens. a Type the machine name of the McAfee ePO server with which the Agent Handler must communicate. b Specify which port to use for Agent Handler-to-server communication. The default port is 8444, the same port used for Client-to-server authenticated communication. Using the default port enables Agent Handler-to-server communication to be performed using only port 8444.
3 Upgrading McAfee ePolicy Orchestrator software You can upgrade version 4.0 Patch 7 or version 4.5 Patch 3 or later of ePolicy Orchestrator software to version 4.6. Contents Things to know before upgrading Upgrading your ePolicy Orchestrator server Upgrading your ePolicy Orchestrator cluster server Upgrading your remote Agent Handlers Things to know before upgrading To successfully complete an upgrade, you need to prepare your environment. Review this content before beginning your upgrade.
3 Upgrading McAfee ePolicy Orchestrator software Things to know before upgrading Backing up ePolicy Orchestrator databases and directories Before you upgrade your software, back up all ePolicy Orchestrator databases, as well as the ePolicy Orchestrator directory. Details on performing these tasks are available in the following KnowledgeBase articles: • ePolicy Orchestrator 4.0 — KB51438 (https://kc.mcafee.com/corporate/index? page=content&id=KB51438) • ePolicy Orchestrator 4.5 — KB66616 (https://kc.
Upgrading McAfee ePolicy Orchestrator software Upgrading your ePolicy Orchestrator server 3 Upgrading your ePolicy Orchestrator server You can upgrade your ePolicy Orchestrator server from version 4.0 Patch 7 or version 4.5 Patch 3 or later to version 4.6. Before you begin Update the system that hosts your ePolicy Orchestrator server with the latest Microsoft security updates, then turn off Windows updates for the duration of the installation process.
3 Upgrading McAfee ePolicy Orchestrator software Upgrading your remote Agent Handlers You can upgrade your ePolicy Orchestrator cluster server from version 4.0 Patch 7 or version 4.5 Patch 3 or later to version 4.6 of the software. Upgrading from ePolicy Orchestrator software 4.0 Patch 7 is supported only on 32-bit server-class operating systems. Task 1 From the active node, open the ePO group in your Windows Cluster Management tool (2003: Cluster Administrator; 2008: Failover Cluster Management).
Upgrading McAfee ePolicy Orchestrator software Upgrading your remote Agent Handlers 3 The upgrade process is a streamlined version of the procedure used for first-time installation of a remote Agent Handler, detailed in Installing remote Agent Handlers under Installing McAfee ePolicy Orchestratorsoftware. Task 1 Copy the Agent Handler folder included in the ePolicy Orchestrator software installation package to the target system. 2 Double-click Setup.
4 Uninstalling McAfee ePolicy Orchestrator software Uninstalling your ePolicy Orchestrator software requires specific steps. Refer to these topics to complete the uninstall process. If you intend to reinstall ePolicy Orchestrator software later, and want to manage agents deployed by the current installation, you must back up your agent-server communication keys. You cannot restore these keys later.
4 Uninstalling McAfee ePolicy Orchestrator software Uninstalling Cluster installations Uninstalling Cluster installations Uninstalling ePolicy Orchestrator from a cluster environment requires that you take specific steps, depending on which server-class operating system you are running. Task 1 • On Windows Server 2003, click Start | Program Files | Administrative Tools | Cluster Administrator. • On Windows Server 2008, click Start | Programs | Administrative Tools | Failover Cluster Management.
5 Troubleshooting and log file reference The most common messages that appear while installing McAfee ePolicy Orchestrator during an installation and their solutions are listed here. Use this information to troubleshoot problems with your installation. If you are unable to resolve an issue using the information in this table, contact McAfee Technical Support after you have taken the steps described below: • Verify that you have met the minimum installation requirements.
5 Troubleshooting and log file reference Common installation messages, and their causes and solutions Message 40 Cause Solution For security reasons, McAfee does The Password box is blank. not allow blank passwords. Please type a valid password to continue. Specify the password of the user account that you want to use. McAfee recommends that you set the video display resolution to 1024x768 or higher.
Troubleshooting and log file reference Default locations of troubleshooting log files 5 Message Cause Solution The ePolicy Orchestrator license has expired. Your license to use the software has expired. Contact your administrator or designated McAfee representative. This system is not currently configured with a static IP address, which is recommended for the ePolicy Orchestrator server. The computer where you are attempting to install the software does not use a static IP address.
5 Troubleshooting and log file reference Default locations of troubleshooting log files Log file name Log type File location Description EpoApSvr.log Primary [InstallDir]\DB\Logs Application Server log file. Present only after initial service startup. Output = RManJNI, DalPolicy, SiteMgr, and SiteMgrWrap. eventparser.log Primary [InstallDir]\DB\Logs Event Parser log file. Present only after initial service startup. Output = EventParser. server.
Index A about this guide 5 Agent Handlers installation 28 upgrading 34 C cluster installation Windows Server 2003 21 Windows Server 2008 25 cluster servers installation 20 terminology 20 testing 27 uninstalling 38 upgrading 33 communication ports, See ports conventions and icons used in this guide 5 D database collation 10 database servers support for 10 distributed repositories requirements 11 documentation audience for this guide 5 product-specific, finding 6 typographical conventions and icons 5 F Fi
Index SQL Servers (continued) support for 10 upgrade scenarios 15 support for Internet browsers 11 operating systems 9 SQL Servers 10 virtual servers 10 supported products 12, 31 upgrading (continued) cluster servers 33 preparing for 31 servers 33 V virtual servers support for 10 T W Technical Support, finding product information 6 what's in this guide 6 Windows Server 2003 cluster installation 21 support for 9 Windows Server 2008 cluster installation 25 support for 9 U uninstalling cluster servers
-00
