Advanced Threat Defense Support

Install & Upgrade

Review the supported platforms and environments documentation prior to installation:

The deployment checklist helps you prepare for installation and upgrade to McAfee Advanced Threat Defense:

Ensuring that you have the right ports open for proper initialization and communication between your peer devices and McAfee Advanced Threat Defense is a critical step in the installation process:

Refer to the relevant installation guide for instructions to install McAfee Advanced Threat Defense:

All product software, release notes, and documentation are available on the Product Downloads page.

Post Installation and Upgrade

Conduct the following checks once you have finished the install or upgrade process:

  • Confirm that you can log in to the McAfee Advanced Threat Defense web interface. View recommended browser and security settings.
  • First time log-in credentials are default
  • Check the Manager → Logs → Upgrade to confirm the current version installed
  • All data and configuration settings are transferred from your previous version, in case of an upgrade
  • Check the Dashboard to confirm that VM Creation status is successful on VM Status Monitor

Note: If your current version of McAfee Advanced Threat Defense is earlier than 4.0, such as 3.8.x (EOL), you must migrate to version 4.2 before migrating to the latest version. Refer to the McAfee Advanced Threat Defense 4.2 Migration Guide for detailed instructions.

Backup and Recovery


McAfee Advanced Threat Defense provides a migration package for customers to migrate both physical and virtual appliances.

  • The migration process time will depend on the size of your database
  • Please allow a minimum of 90 minutes for your migration to complete

Note: You cannot upgrade to McAfee Advanced Threat Defense 4.6. Customers can migrate to version 4.6 using the migration package.

Reference these documents for more information:

Refer to the following guide on how to migrate from your current version to McAfee Advanced Threat Defense 4.6:


For configuration settings to apply and be successful, we highly recommended to review the user accounts on your appliance and change the default passwords for both atdadmin and cliadmin.

You will be prompted at first-time login to change the default passwords. For details, see Password Control.

Configuration of VMs and malware analysis are key steps to a successful deployment. Please see the guides below to make the best decisions for your setup:

Refer to the following documentation for details on configuration and setup of McAfee Advanced Threat Defense:


If you encounter any issues during installation, migration, and configuration of the product, logs will need to be collected and sent to McAfee Technical Support for analysis.

Frequently used troubleshooting articles by topic:

VM Creation

McAfee Advanced Threat Defense Appliance

McAfee Network Security Platform Integration

Root Certificate Expiration

The McAfee product line uses TLS for secure communication. Two certificates validate McAfee TLS chains, including a primary expiring in 2038 and a secondary expiring on May 30, 2020. If either certificate, or both, are present in your environment, TLS will function correctly prior to May 30, 2020. After May 30, 2020, only the primary certificate will be valid. Out of an abundance of caution McAfee is informing customers of this impending event.

Generally, certificates are auto-updated through operation systems and customers will not be impacted. However, in environments where automatic management of root certificates is disabled and the primary certificate has not been manually deployed, customers will potentially be impacted. KB92937 provides information on how to verify and install the primary certificate.

Failure to have a valid certificate will cause product issues including reduced detection efficacy.

The primary certificate that needs to be validated is in a customer's environment as below:

Subject : CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
Thumbprint : 2B8F1B57330DBBA2D07A6C51F70EE90DDAB9AD8E
Expiration : 2038-01-18

Subscribe to KB92937 to receive updates.

Data Sheet


Free Demo


More Information

Contact Us
Trellix Logo

You're exiting McAfee Enterprise.

Please pardon our appearance as we transition from McAfee Enterprise to Trellix.

Exciting changes are in the works.
We look forward to discussing your enterprise security needs.

You will be redirected in 0 seconds. If not, please click here to continue

McAfee Logo