McAfee Endpoint Security 10.7 Beta

What's new in the 10.7 release

Thank you for volunteering to participate in the McAfee Endpoint Security Version 10.7 Beta Program. We appreciate your time and effort to exercise the new capabilities, validate compatibility of our software in your environment, and provide us feedback. All feedback you send is reviewed for inclusion into this release or a forthcoming release.

Most importantly, take your time using the new product as you would normally use it in your environment. We are excited about the changes in this release and look forward to your feedback.

Releases can introduce new features and enhancements or update platform support.

This release of McAfee Endpoint Security contains improvements and fixes, including:

  • Enhanced protection against fileless threats
  • Story Graph for visualizing detections
  • AMSI and PowerShell Event Logging integration for enhanced Real Protect script scanning
  • Enhanced remediation capabilities
  • Consolidated installation with a single check-in and deployment experience
  • Support for on-demand scan from the command line and improved scanning performance

     

This release introduces new features or improves existing features:

Installation and upgrade

  • Installer consolidation — All files required to install or upgrade the Endpoint Security product modules are included in a single package file called Endpoint Security. McAfee Endpoint Security Adaptive Threat Protection (ATP) is included in the package file.

    By default, all product modules are installed. If you don't want to install all product modules, you can use a command-line option to specify the modules you want to install.

    During product upgrades, the installation wizard detects which product modules are installed and upgrades them to the same version. You can remove modules that you don't want to upgrade, and you can specify additional modules to install.

  • Support for case sensitivity — On systems running the Microsoft Windows 10 October 2018 Update (1810), verify that the case-sensitivity attribute is disabled for folders where you want to install the product software. You can check and change this attribute setting in Windows. Once installed, Endpoint Security protects the product folders against enabling case sensitivity, to ensure that this attribute setting won't prevent product updates and upgrades.

McAfee Endpoint Security Common

  • Client interface lockout behavior — Adds the ability to enforce an Endpoint Security Client lockout if the number of failed password attempts exceeds the configured limit. Use the Enable client interface lockout setting in the Common Options policy in McAfee ePolicy Orchestrator (McAfee ePO) to configure lockout behavior.

McAfee Endpoint Security Threat Prevention

  • On-demand scan command line interface — Adds the ability to start, stop, pause, resume, and get status for Quick, Full, and custom on-demand scans from the command line or as part of a batch file.
  • Custom on-demand scan command line interface — Adds the ability to run a previously defined custom on-demand scan with new settings, without changing the settings of the original custom scan.
  • Update command line interface — Adds the ability to update the scan engine, AMCore content, and Exploit Prevention from the command line or as part of a batch file.
  • Expert Rules enhancements.
    • Adds REGVAL_DATA, a new MATCH_type value that matches against registry value data in the context of a registry value set operation, either when a registry variable is created or its value is changed.
    • Adds behavioral protection rules.
  • On-demand scan CPU throttling — Adds the ability to configure the maximum percentage of CPU (between 25% and 100%, default is 80%) that the Full Scan consumes when scanning files. This feature is disabled by default and only available when Scan anytime is selected. It's an alternative to using the System utilization setting.

McAfee Endpoint Security Web Control

  • Microsoft Edge support — Adds Microsoft Edge as a supported browser.

McAfee Endpoint Security Adaptive Threat Protection (ATP)

  • Enhanced script scanning — Enables integration with AMSI (Antimalware Scan Interface) and PowerShell Event Logging to enhance scanning for threats in non-browser-based scripts, such as PowerShell, JavaScript, and VBScript. This feature is enabled by default.
  • Enhanced remediation — Monitors the behavior of processes with a reputation of Unknown and below, and their children, tracking all changes that the processes make to the system. If a monitored process exhibits malicious behavior, enhanced remediation stops the process and reverts changes that it made, restoring the system as close as possible to its original state before the process ran. This feature is enabled by default and only available when Clean when reputation threshold reaches is enabled.
  • Enhanced fileless threat protection — Allows McAfee to detect and protect against fileless, dual-use, and live-off-the-land attacks.
  • Story Graph for Adaptive Threat Protection detections — Provides a visual representation of the events leading up to a detected threat. It allows you to examine malicious activities and determine the appropriate action. Scroll down in the McAfee ePO Threat Event Log to review the Story Graph for a particular event.

Updated platform, environment, or operating system support

This release extends support to additional platforms, environments, or operating systems:

  • Microsoft Windows 10 — Adds Microsoft Windows 10 October 2018 Update (1810) as a supported operating system.
  • McAfee ePO 5.10 — Adds McAfee ePO 5.10 as a supported management platform.

WorkStation

These are noted in KB82761 (https://kc.mcafee.com/corporate/index?page=content&id=KB82761).

  • Windows 10 Fall Creators Update
  • Windows 10 Creators Update
  • Windows 10 Anniversary Update
  • Windows 10 November Update
  • Windows 10
  • Windows 10 IoT Enterprise
  • Windows 8.1 Update 1
  • Windows 8.1
  • Windows 8 [Not including Windows 8 RT (Runtime) edition]
  • Windows To Go – All versions
  • Windows 7 SP1
  • Windows Embedded 8: Pro, Standard, and Industry
  • Windows Embedded Standard 7

Server

  • Windows Server 2016 RS3 (including Server Core Mode)
  • Windows Server 2016 (including Server Core Mode)
  • Windows Server 2012 R2 Update 1: Essentials, Standard, and Data Center (including Server Core Mode)
  • Windows Server 2012 R2
  • Windows Server 2012
  • Windows Storage Server 2012 and 2012 R2
  • Windows Server 2008 R2: Standard, Data Center, Enterprise, and Web (including Server Core Mode)
  • Windows Storage Server 2008 R2
  • Windows Small Business Server 2011

System requirements:

Mac that can run with supported operating system configuration
Browser: Safari 6.2.x and later, 7.1.x and later, and 8.0.x and later
This information is also in KB82761 (https://kc.mcafee.com/corporate/index?page=content&id=KB82761).

Downloads

Package Description
ens_10-7_Beta_master_pacakge_ext_v1.zip Endpoint Security 10.7 has all the pieces necessary for McAfee ePO-managed endpoints
ens_10-7_Beta_standalone_install_v1.zip Endpoint Security 10.7 Beta for standalone or self-managed machines
ens_10-7_Beta_Bundle_v1.zip Endpoint Security 10.7 Beta individual extensions and packages
ens_10-7_Beta_package_designer_v1.zip Endpoint Security 10.7 Package Designer software to create custom installations
ens_10-7_Beta_test_samples_v1.zip Sample files to use while testing the Endpoint Security 10.7 Beta software

Documentation

Package Description
ens_10-7_Beta_EULA_v1.txt Endpoint Security Beta End User License Agreement
ens_10-7_Beta_release_notes_v1.pdf Endpoint Security 10.7 Beta Release Notes
ens_10-7_Beta_install_guide_epo_english_v2.pdf Endpoint Security 10.7 Beta Installation Guide for McAfee ePO-managed systems
ens_10-7_Beta_install_guide_standalone_english_v1.pdf Endpoint Security 10.7 Beta Installation Guide for standalone systems
ens_10-7_Beta_test_scenarios_v3.zip Endpoint Security 10.7 Beta test scenarios to exercise
ens_10-7_Beta_known_issues_v3.pdf Currently knowns issues with the Beta product for your reference
ens_10-7_Beta_product_guides_english_v1.zip Endpoint Security 10.7 Beta Product Guides for all modules
ens_10-7_BETA_troubleshooting_instructions_v1.pdf Endpoint Security 10.7 Beta troubleshooting reference