Demandes de supportInstallation
The guides below explain how to install the product using McAfee ePolicy Orchestrator (McAfee ePO) or standalone methods (third-party product deployments will use the standalone method). A standalone product deployment can be switched to McAfee ePO managed. Review the supported environments documentation before deploying McAfee Application Control or McAfee Change Control:
For details about supported Linux kernels, refer to the supported platforms KB article. The articles below state the minimum product versions needed to support a specific Linux kernel version.
- Linux kernel support for McAfee Application Control and McAfee Change Control 6.3.x (KB 90947)
- Linux kernel support for McAfee Application Control and McAfee Change Control 6.2.0 (KB 90426)
- Linux kernel support for McAfee Application Control and McAfee Change Control 6.1.7 (KB 84289)
For Linux kernels not listed with official support, there are other methods that can be used to build a custom McAfee Application Control and McAfee Change Control installation package.
- Kernel Compatibility Checker (KB 87443)
- How to build McAfee Application Control and McAfee Change Control on an unsupported kernel (KB 89516)
Installation guides for Windows
Installation guides for Linux
- McAfee Application Control and McAfee Change Control 6.3.0
- First-time installation workflow
- Logs for successful installations:
- /var/log/mcafee/solidcore/solidcoreS3_install_<rel>-<build>.log
- Logs for unsuccessful installations:
- /tmp/solidcoreS3_install.log
- /tmp/bitrock_installer_<PID>.log
If you have an issue during installation, see the following documentation:
Windows
- Executing action ca_inst_CheckUNC failed (Application and Change Control installation fails when Solidcore files from a previous installation remain)
- Windows cannot open this program because it has been prevented by a software restriction policy (installation or upgrade of McAfee Application Control and McAfee Change Control fails)
- Review the installation log files:
- Solidcore_Installer.log and solidcore_setup.log files under %SYSTEMROOT%. You can view the log files contents to verify if errors occurred during the upgrade.
- McAfee Application Control and McAfee Change Control 8.1.0 and higher also include the additional install log files. Review the mac_mpt.log and mac_mpt.etl files under %SYSTEMROOT% directory location.
- Solidcore_Installer.log and solidcore_setup.log files under %SYSTEMROOT%. You can view the log files contents to verify if errors occurred during the upgrade.
Linux
- Review the log file:
- If the upgrade is successful, the solidcoreS3_install_<rel><build>.log file is created in the /var /log/mcafee/solidcore directory.
- If the upgrade fails, the solidcoreS3_install.log file is present in the /tmp directory. For error details, review the most-recent bitrock_installer.log or bitrock_installer_.log file in the /tmp directory.
Upgrade
McAfee defines an upgrade as a deployment where a version of McAfee Application Control or McAfee Change Control already exists on the endpoint. Review the supported environments documentation to ensure that the environment is compatible before deployment.
Review the guides below for information about how to install McAfee Application Control and McAfee Change Control and for additional details regarding system requirements.
Windows
Linux
- McAfee Application Control and McAfee Change Control 6.3.0
- Upgrade installation workflow
- Review the log file
- If the upgrade is successful, the solidcoreS3_install_<rel><build>.log file is created in the /var /log/mcafee/solidcore directory.
- If the upgrade fails, the solidcoreS3_install.log file is present in the /tmp directory. For error details, review the most-recent bitrock_installer.log or bitrock_installer_.log file in the /tmp directory.
- Windows cannot open this program because it has been prevented by a software restriction policy (installation or upgrade of McAfee Application Control and McAfee Change Control fails)
- Review the installation log files as specified above
If you have an issue during installation, see the following documentation:
Configuration & Best Practices
The default settings typically require additional configuration and tuning for most environments. To get acquainted with the software, review the documentation below:
- McAfee Application Control FAQ
- Supported environments for McAfee Application Control and McAfee Change Control
- REGISTERED — Support for legacy Windows platforms with McAfee Application Control and McAfee Change Control
Product guides
- McAfee Application Control 8.2
- McAfee Change Control 8.2
- McAfee Application Control 8.0
- McAfee Application Control 7.0
- McAfee Application Control 6.2
Best practices guides
These guides cover installing in cloned or imaged environments, deployment strategy, guidelines for default policies, recommendations for fetching inventory, and managing applications.
- McAfee Application Control & McAfee Change Control 8.0
- McAfee Application Control & McAfee Change Control 7.0
- McAfee Application Control & McAfee Change Control 6.2
Command line guides
- McAfee Application Control 8.2 Windows CLI Interface Guide
- McAfee Change Control 8.2 Windows CLI Interface Guide
- McAfee Application Control 8.0 Windows CLI Interface Guide
- McAfee Change Control 8.0 Windows CLI Interface Guide
- McAfee Application Control 7.0 Windows CLI Interface Guide
- McAfee Change Control 7.0 Windows CLI Interface Guide
- McAfee Application Control 6.2 Windows CLI Interface Guide
- McAfee Change Control 6.2 Windows CLI Interface Guide
If you want to go from standalone to managed with McAfee Application Control:
- How to manage a standalone deployed McAfee Application Control Windows installation with McAfee ePO
- How to manage a standalone deployed McAfee Application Control/Change Control Linux/Unix Install with McAfee ePO
If you are running McAfee Host Intrusion Prevention, McAfee Endpoint Security, or McAfee VirusScan Enterprise with McAfee Application Control, here are some recommendations:
- Exclusions for McAfee Application Control and McAfee Change Control to improve post-install performance
- McAfee Application Control and McAfee Change Control memory protection should be disabled with Host Intrusion Prevention and or Endpoint Security installed
- McAfee Application Control and McAfee Change Control prevents installation of Endpoint Security
- Endpoint Security Web Control Extension is disabled after installing Web Control on a system with McAfee Application Control and McAfee Change Control 8.1.0.118.1
The memory protection that is provided via McAfee Host Intrusion Prevention, McAfee Endpoint Security, and McAfee VirusScan Enterprise is superior to what your installed version of McAfee Application Control provides, so there is no security risk in doing this.
We recommend that McAfee Application Control memory protection features be disabled on all machines that have memory protection technology from another McAfee product. You can safely use McAfee Application Control memory protection on all machines that do not have another product installed that includes memory protection technology.
Please see McAfee Application Control 8.2.0 Release notes for more information on configurable memory protection and SAU in McAfee ePO.
Additional Resources
- McAfee Application Control corrupt inventory fallback process
- Processing overview for the McAfee Application Control Pull Inventory client task
- How Updaters work with McAfee Application Control and McAfee Change Control
- McAfee Application Control checks for reputation-based execution and final reputation
- Differences between "Observation mode" and "Update mode" in McAfee Application Control
Managing McAfee Application and McAfee Change Control
To disable McAfee Application Control and McAfee Change Control, you need access to one of the following:
- The McAfee ePO server with the appropriate permissions
- Utilize the McAfee Application Control and McAfee Change Control client tasks (SC: Disable, SC: Observe Mode)
- Local administrator command line access
- Administrative Windows command line access to the host with knowledge of the McAfee Application Control CLI password
- How to disable McAfee Application Control and McAfee Change Control in safemode
Any of the above requires a reboot to disable McAfee Application Control and not have the drivers loaded. With current versions of McAfee Application Control and McAfee Change Control, it is not possible to disable the product without rebooting.
Note: Uninstalling the product, requires it to be in Disable mode first.
Refer to the following documentation about policy optimization. All require logging in to ServicePortal.
- Performance and stability improvements for multiple products now available
- Performance and stability improvements for multiple products includes support for the Windows 10 release in April 2018
- McAfee Application Control and McAfee Change Control 8.x consumes a higher amount of resources than the previously released versions resulting in performance issues
- Performance issues on McAfee Application Control endpoints when Global Threat Intelligence and Threat Intelligence Exchange communication fails
- Performance issues occur after installation of the extension
- McAfee Application Control 6.x observations generate in large numbers causing McAfee ePO performance and database size issues
FAQ
- McAfee Application Control and McAfee Change Control
- Windows 10 compatibility with McAfee products
- Windows Server 2016 compatibility with McAfee products
- McAfee Application Control and McAfee Change Control License Support
- Processing overview for the McAfee Application Control Pull Inventory client task
- How Updaters work
- Implications of disabling "Inventory-Diff" for McAfee Application Control
Known Issues
- McAfee Application Control 8.x Known Issues
- McAfee Application Control 7.x Known Issues
- McAfee Application Control 6.x Known Issues
- McAfee Change Control 8.x Known Issues
- McAfee Change Control 7.x Known Issues
- McAfee Change Control 6.x Known Issues
Troubleshooting
- How to troubleshoot compatibility issues between McAfee products and third-party applications
- How to enable Orion debug logging for the McAfee Application Control and McAfee Change Control (Solidcore) extension
- A system crash without a blue screen or a command-line interface crash can occur on a Windows 10 system after McAfee Application Control is placed in any mode other than Disabled
Features
- Agents report Memory Protection (mp-vasr) is enabled, but the McAfee Application Control Features policy is configured to not enforce mp-vasr
- Description of package control behavior with Pkg-ctrl-allow-uninstall feature state disabled for McAfee Application Control
- Explanation of the MPCompat (Memory-Protection Compatibility) feature introduced in McAfee Application Control
- Installer Detection bypass option is Deprecated for endpoints running version (Package Control in relation to the architecture rules for the attr -i command)
