mcafee client proxy 1.1 · pdf filemcafee client proxy software on mcafee epo servers must be...

Product GuideRevision B

McAfee Client Proxy 1.1.0

COPYRIGHTCopyright © 2014 McAfee, Inc. Do not copy without permission.

TRADEMARK ATTRIBUTIONSMcAfee, the McAfee logo, McAfee Active Protection, McAfee DeepSAFE, ePolicy Orchestrator, McAfee ePO, McAfee EMM, Foundscore, Foundstone, PolicyLab, McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, McAfee Stinger, McAfee Total Protection, TrustedSource,VirusScan, WaveSecure are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Othernames and brands may be claimed as the property of others.

Product and feature names and descriptions are subject to change without notice. Please visit mcafee.com for the most current products and features.

LICENSE INFORMATION

License AgreementNOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETSFORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOUHAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOURSOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR AFILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SETFORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OFPURCHASE FOR A FULL REFUND.

2 McAfee Client Proxy 1.1.0 Product Guide

http://mcafee.com

Contents

Preface 5About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Find product documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

1 Introduction 7How McAfee Client Proxy works . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Deployment options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Managing McAfee Client Proxy with McAfee ePO2 Completing the setup using McAfee ePO 13

Check the system requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Download and install the product files . . . . . . . . . . . . . . . . . . . . . . . . . 14Install the extension . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14Check in the package . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15Deploy to end-user computers using McAfee ePO . . . . . . . . . . . . . . . . . . . . . 15

3 Configuring and using McAfee Client Proxy with McAfee ePO 17Configurable policy options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Configure a policy using McAfee ePO . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Configure the proxy servers . . . . . . . . . . . . . . . . . . . . . . . . . . 19Configure the client settings . . . . . . . . . . . . . . . . . . . . . . . . . . 20Configure the Bypass List . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Configure the Block List . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Assign the policy using McAfee ePO . . . . . . . . . . . . . . . . . . . . . . . 20

View end-user installation data . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21Cancel policy enforcement using McAfee ePO . . . . . . . . . . . . . . . . . . . . . . 22Export the policy to an XML file . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

4 Maintaining McAfee Client Proxy using McAfee ePO 25Upgrade McAfee Client Proxy using McAfee ePO . . . . . . . . . . . . . . . . . . . . . 25Install a hotfix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26Uninstall McAfee Client Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Remove the extension from McAfee ePO . . . . . . . . . . . . . . . . . . . . . 27Remove the package in McAfee ePO . . . . . . . . . . . . . . . . . . . . . . . 27Create the Systems Management Server uninstall package . . . . . . . . . . . . . . 27Run the uninstall package from a command line . . . . . . . . . . . . . . . . . . 28

Managing McAfee Client Proxy outside of a McAfee ePOsystem

5 Completing the setup using the Control Console 31

McAfee Client Proxy 1.1.0 Product Guide 3

Check the system requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Download and install the product files . . . . . . . . . . . . . . . . . . . . . . . . . 32

6 Configuring and using McAfee Client Proxy with the Control Console 33Configurable policy options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33Create a policy using the Control Console . . . . . . . . . . . . . . . . . . . . . . . . 35

Configure the proxy servers . . . . . . . . . . . . . . . . . . . . . . . . . . 36Configure the bypass list . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36Configure the block list . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37Configure redirection settings . . . . . . . . . . . . . . . . . . . . . . . . . 37

Deploy to end-user computers using other systems . . . . . . . . . . . . . . . . . . . . 37Create an installation package using Microsoft Systems Management Server . . . . . . . 37Create the advertisement using Microsoft Systems Management Server . . . . . . . . . 39

View status and configuration details . . . . . . . . . . . . . . . . . . . . . . . . . . 39Generate a release code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

7 Maintaining McAfee Client Proxy on your system 41Upgrade McAfee Client Proxy on your system . . . . . . . . . . . . . . . . . . . . . . 41Install a hotfix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41Uninstall McAfee Client Proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Create the Systems Management Server uninstall package . . . . . . . . . . . . . . 42Run the uninstall package from a command line . . . . . . . . . . . . . . . . . . 43

Index 45

Contents


Preface

Contents About this guide Find product documentation

About this guideThis information describes the guide's target audience, the typographical conventions and icons usedin this guide, and how the guide is organized.

ConventionsThis guide uses these typographical conventions and icons.

Book title, term,emphasis

Title of a book, chapter, or topic; a new term; emphasis.

Bold Text that is strongly emphasized.

User input, code,message

Commands and other text that the user types; a code sample; a displayedmessage.

Interface text Words from the product interface like options, menus, buttons, and dialogboxes.

Hypertext blue A link to a topic or to an external website.

Note: Additional information, like an alternate method of accessing anoption.

Tip: Suggestions and recommendations.

Important/Caution: Valuable advice to protect your computer system,software installation, network, business, or data.

Warning: Critical advice to prevent bodily harm when using a hardwareproduct.

Abbreviations This guide uses the following abbreviations:

AD (Microsoft) Active Directory

FTP File Transport Protocol

HTTP / HTTPS Hypertext Transfer Protocol / HTTP over Secure Sockets

NTLM NT LAN Manager

SaaS Software as a Service (specifically, McAfee SaaS Web Protection Service)


SMS (Microsoft) Systems Management Server

SNMP Simple Network Management Protocol

TCP Transmission Control Protocol

VPN virtual private network

XML Extensible Markup Language

Find product documentationMcAfee provides the information you need during each phase of product implementation, frominstallation to daily use and troubleshooting. After a product is released, information about the productis entered into the McAfee online KnowledgeBase.

Task1 Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com.

2 Under Self Service, access the type of information you need:

To access... Do this...

User documentation 1 Click Product Documentation.

2 Select a product, then select a version.

3 Select a product document.

KnowledgeBase • Click Search the KnowledgeBase for answers to your product questions.

• Click Browse the KnowledgeBase for articles listed by product and version.

PrefaceFind product documentation


http://mysupport.mcafee.com

1 Introduction

McAfee® Client Proxy is a Windows desktop agent that is an essential component of the McAfee® WebHybrid Security solution. The McAfee Client Proxy technology allows you to apply your organization'sweb security policy to a computer, regardless of its location.

Contents How McAfee Client Proxy works Deployment options

1


How McAfee Client Proxy worksMcAfee Client Proxy extends network security solutions to computers inside and outside the corporatenetwork. End users receive automatic protection, regardless of their location (for example, a laptop ormobile computing device in a hotel or coffee shop).

McAfee Client Proxy redirects web traffic and network communications to a web filtering solution —either McAfee® Web Gateway or McAfee® SaaS Web Protection Service — to recognize the environment(whether it is inside the corporate network, connected by VPN, or outside the corporate network).Depending on the location of the end-user device, McAfee Client Proxy enforces your organization'spolicies to determine whether to route the web request, deny access, or bypass a proxy server.

Figure 1-1 McAfee Client Proxy workflow

1 IntroductionHow McAfee Client Proxy works


1 When an end user is working within the corporate network, McAfee Client Proxy communicates withMcAfee® ePolicy Orchestrator® (McAfee ePO™), or other servers configured within the policy, andrecognizes that the end user is working within the corporate network. McAfee Client Proxy remainspassive, allowing web traffic and network communications to pass through.

2 When McAfee Client Proxy recognizes that the end user is working outside the corporate network, itredirects all web traffic and network communications to the McAfee SaaS Web Protection Serviceweb filtering solution. All web traffic and network communication requests sent by McAfee ClientProxy to the McAfee SaaS Web Protection Service include end-user and AD group information thatis applied to your organization's policy. If the sent end-user information is mapped to a McAfeeSaaS Web Protection Service user account, McAfee Client Proxy applies the associated policy to theexisting user account.

• If McAfee SaaS Web Protection Service does not recognize the sent end-user informationas a mapped McAfee SaaS Web Protection Service user account, McAfee Client Proxyapplies the AD group information. If one or more AD groups match the end-userinformation, McAfee SaaS Web Protection Service applies the associated policy or acombination of associated policies.

• When the sent end-user and AD group information are both unrecognized by McAfeeSaaS Web Protection Service, the proxy uses the default web policy.

For organizations that use McAfee SaaS Web Protection Service, McAfee Client Proxy also provides theoption to always redirect web traffic and network communications to McAfee SaaS Web ProtectionService, whether the end user is working outside or inside the corporate network.

For more information on the McAfee SaaS Web Protection Service and McAfee Web Gatewayappliances, and how to set them up to work with McAfee Client Proxy, see the McAfee Web HybridDeployment Guide.

Deployment optionsMcAfee Client Proxy can be deployed either with McAfee ePO, or outside of McAfee ePO.

Deploying with McAfee ePO

McAfee highly recommends using McAfee ePO, especially in a large enterprise, because it provides asingle management platform that enables policy management and product enforcement. In this case,McAfee ePO is installed and configured on the administrator operating system. The end user installingMcAfee Client Proxy software on McAfee ePO servers must be a member of the local administratorgroup.

Example of the high-level process

1 Install the McAfee Client Proxy extension .zip file so it is available in McAfee ePO.

2 Check in the McAfee Client Proxy package to the McAfee ePO Master Repository.

3 Download the .xml file from the McAfee® SaaS Control Console (Control Console) that the McAfeeClient Proxy extension imports.

4 Deploy McAfee Client Proxy to end-user computers within your corporate network.

5 Create policies that meet the needs of your network.

IntroductionDeployment options 1


Deploying outside of McAfee ePO

If you are using McAfee Client Proxy in a small- to medium-sized company and do not have McAfeeePO, you can install the product within your corporate network using a system like Microsoft SystemsManagement Server. In this case, you use McAfee Client Proxy to manually push policies to end-usercomputers.

Example of the high-level process

1 Install McAfee Client Proxy on the administrator operating system that will deploy policies.

2 Use McAfee SaaS Web Protection Service to create policies that meet the needs of your network.

3 Install Microsoft Visual C++ 2005 SP1 Redistributable Package (x86) on the administratoroperating system that will deploy policies.

4 Using the Microsoft Systems Management Server console, create an installation package.

5 Create the Microsoft Systems Management Server advertisement.

6 Deploy configured policies to end-user computers in your corporate network.

1 IntroductionDeployment options


Managing McAfee Client Proxywith McAfee ePO

Chapter 2 Completing the setup using McAfee ePOChapter 3 Configuring and using McAfee Client Proxy with McAfee ePOChapter 4 Maintaining McAfee Client Proxy using McAfee ePO


Managing McAfee Client Proxy with McAfee ePO


2 Completing the setup using McAfee ePO

To set up McAfee Client Proxy in your corporate network, download and install the McAfee Client Proxyinstallation files on the administrator operating system, and deploy McAfee Client Proxy to end-usercomputers.

• McAfee Client Proxy can be set up on the same computer as McAfee ePO, or on aseparate computer that has the ability to communicate with McAfee ePO. Additionalconfiguration might be necessary to ensure communication through any firewall in place.

• McAfee ePO must be installed and correctly running before installing McAfee Client Proxy.

• You must have administrator rights to be able to install McAfee Client Proxy softwareusing McAfee ePO.

• After completing the setup, McAfee Client Proxy runs on the end-user computer without apolicy file, and does not redirect data until a policy is configured.

Contents Check the system requirements Download and install the product files Install the extension Check in the package Deploy to end-user computers using McAfee ePO

Check the system requirements Verify that your network systems meet the hardware and operating system requirements.

Table 2-1 Hardware requirements

Hardware type Specifications

Servers — Run the McAfee ePO software andMcAfee Client Proxy extension.

• CPU — Intel Pentium IV 2.8 GHz or later

• RAM — 1 GB minimum

• Hard disk — 80 GB minimum

End-user computers — Run the McAfee ClientProxy software.

• CPU — Pentium III 1 GHz or later


• Hard disk — 200 MB minimum free disk space

2


Table 2-2 Operating system requirements — 32-bit

Computer type Software

Servers — Run the McAfee ePOsoftware and McAfee Client Proxyextension.

• Microsoft Windows 2003 Server Standard (SE) SP1 or later

• Windows 2003 Enterprise (EE) SP1 or later

• Windows 2008 Server Enterprise

End-user computers — Run theMcAfee Client Proxy software.

• Windows XP Professional SP3 or later

• Windows Vista SP2 or later

• Windows 7 SP1 or later

• Windows 8



Servers — Run the McAfee ePO software andMcAfee Client Proxy extension.

• Windows 2003 Server Standard (SE) SP1 or later





• Windows 8

Download and install the product filesDownload the McAfee Client Proxy product files from the McAfee Content & Cloud Security Portal andinstall them on the administrator operating system.

Task1 Download the product files.

a Log on to the operating system as an administrator.

b Go to the McAfee Content & Cloud Security Portal.

c Enter your user name and password, then click Login.

d Select Software | McAfee Web Gateway | Tools | McAfee Client Proxy.

e Select and save the .zip file for your operating system.

2 Install the product files.

a Run the MCPService.exe file.

b Follow the on-screen prompts to complete the installation.

Install the extensionInstall the McAfee Client Proxy extension .zip file so it is available in McAfee ePO.

2 Completing the setup using McAfee ePODownload and install the product files


https://contentsecurity.mcafee.com

TaskFor option definitions, click ? in the interface.

1 From the McAfee ePO interface, select Menu | Software | Extensions.

2 Click Install Extension.

3 Click Browse to locate the McAfee Client Proxy extension .zip file, then click Open | OK.

The Install Package window appears.

4 Click OK.

5 To verify the extension successfully installed, select Menu | Software | Extensions.

Check in the packageCheck in the McAfee Client Proxy package to the McAfee ePO Master Repository.


1 From the McAfee ePO interface, select Menu | Software | Master Repository.

2 From the Actions menu, select Check In Package.

3 In the Check In Package window, select the package type, then click Browse.

4 Choose the McAfee Client Proxy extension .zip file you downloaded earlier, and click Open.

McAfee Client Proxy appears in the Packages in Master Repository list.

Deploy to end-user computers using McAfee ePODeploy McAfee Client Proxy software to end-user computers using McAfee ePO.

Task1 From the McAfee ePO interface, select Menu | Systems | System Tree.

2 From the System Tree list, select the subgroup level to deploy McAfee Client Proxy.

• Select the My Organization subgroup to deploy McAfee Client Proxy to all computersmanaged by McAfee ePO.

• To deploy McAfee Client Proxy to the individual computers available in the right-handpane, select a subgroup under My Organization.

3 Click the Assigned Client Tasks tab.

4 From the Actions menu, select New Client Task Assignment.

The Client Task Assignment Builder wizard opens.

Completing the setup using McAfee ePOCheck in the package 2


5 Configure the Client Task Assignment Builder options.

a From the Product menu, select McAfee Agent.

b From the Task Type menu, select Product Deployment,

c Click Create New Task.

The Product Deployment window appears.

6 Configure the Product Deployment options.

a Enter a task name and optional description.

b Select a Target platform.

c In the Products and Components field, select McAfee Client Proxy from the drop-down list.

The remaining fields automatically populate.

d Configure the remaining options.

e Click Save.

7 Click Next.

8 From the Schedule type drop-down list, select Run immediately, then click Next.

9 Review the task summary, then click Save.

The task is scheduled for the next time the McAfee Agent checks for updates. To force theinstallation to run immediately, issue an agent wake-up call.

After installation, McAfee Client Proxy runs immediately without restarting the end-user computer. Atthis point, McAfee Client Proxy runs on the end-user computer without a policy file, and does notredirect data until a policy is configured.

2 Completing the setup using McAfee ePODeploy to end-user computers using McAfee ePO


3 Configuring and using McAfee ClientProxy with McAfee ePO

Use McAfee ePO to manage and configure the options that define the McAfee Client Proxy policiesenforced on end-user computers.

Contents Configurable policy options Configure a policy using McAfee ePO View end-user installation data Cancel policy enforcement using McAfee ePO Export the policy to an XML file

Configurable policy optionsPolicy options allow you to tune multiple settings when you configure policies.

The following are configurable policy options available in McAfee ePO.

Proxy Server List

When McAfee Client Proxy detects that an end-user computer is disconnected from the corporatenetwork, network traffic is automatically redirected to McAfee Web Gateway or McAfee SaaS WebProtection Service servers, which are configured in the Proxy Server List.

You can configure how McAfee Client Proxy connects to proxy servers using these options:

• connect to the first proxy server that is accessible based on their order in the following list — McAfee Client Proxyconnects to the first proxy server in the Proxy Server List. If the connection to the first proxy server inthe list fails, the software attempts a connection on the second proxy server in the list. If theconnection is lost during transmission, the software reconnects with the first proxy server in thelist.

• connect to the proxy server that has the fastest response time — McAfee Client Proxy connects to the closestproxy server in the Proxy Server List based on the proxy server response time. If the connection to theclosest proxy server fails, the software attempts to connect to the second closest proxy server. Ifthe connection is lost during transmission, the software reconnects with the original closest proxyserver.

When HTTP/HTTPS traffic is redirected, McAfee Client Proxy adds metadata to the request, such as:

• Identification tokens

• Encrypted domain user names

• AD groups

3


The proxy server uses this metadata to verify that McAfee Client Proxy is redirecting the networktraffic, then determines the policy definitions configured in the associated policy.

Client ConfigurationClient Configuration options define how McAfee Client Proxy behaves inside and outside the corporatenetwork for end users.

• Customer Identifier — McAfee Client Proxy includes a customer ID with a required secret key in itspolicy definition to ensure client identities are securely protected. The customer ID also determineswhich policy to apply and when to apply it.

• Traffic Redirection — McAfee Client Proxy redirects network traffic to proxy servers, whether inside thecorporate network, connected by VPN, or outside of the corporate network.

• Corporate Network Detection — When the end-user computer is inside the corporate network, stopsredirecting web traffic through the proxy.

• Corporate VPN Detection — When the end-user computer is connected to the corporate VPN, stopsredirecting web traffic through the proxy.

• Log File Settings — Enables client logging, which adds a log file to each end-user computer thatidentifies errors and troubleshooting information.

• Active Directory Groups — A group filter that allows you to define the group information provided to thefiltering proxy.

• Access Protection — Prevents the end user to uninstall, delete, rename, or tamper with McAfee ClientProxy from their computer.

Bypass ListEach policy maintains a list of McAfee® Common Catalog definitions for McAfee Client Proxy to bypasswhen network traffic is redirected to the proxy server.

The bypass list can include domain names, network addresses, network ports, and processes thatend-user computers connect to directly.

A McAfee Common Catalog instance is created for each configured policy. When a bypass list item ismodified, the associated McAfee Common Catalog instance is also modified.

Block ListEach policy maintains a list of processes that are permanently blocked from network communication.

The Block List reduces the amount of network traffic redirected to the proxy server, but can also applyunintended Internet access restrictions to end-user computers.

Configure a policy using McAfee ePOUse McAfee ePO to create and configure policies that are deployed to end-user computers.


1 From the McAfee ePO interface, select Menu | Policy | Policy Catalog.

2 From the Product drop-down list, select McAfee Client Proxy.

The default policy assignment appears.

3 Configuring and using McAfee Client Proxy with McAfee ePOConfigure a policy using McAfee ePO


3 From the Actions menu, select New Policy.

The New Policy dialog box appears.

4 In the Policy Name field, type a name for the policy, enter any additional information, then click OK.

Tasks• Configure the proxy servers on page 19

Configure the proxy servers for McAfee Client Proxy to redirect network traffic.

• Configure the client settings on page 20Configure the settings that define how deployed McAfee Client Proxy policies behave insideor outside the corporate network.

• Configure the Bypass List on page 20Configure and add the web definitions to the Bypass List that end-user computers directlyconnect to by bypassing the policy.

• Configure the Block List on page 20To reduce the amount of network traffic redirected to the proxy server, configure and addprocesses to the Block List that are permanently blocked from communicating with thenetwork.

• Assign the policy using McAfee ePO on page 20Assign policies to specific end-user computers within your corporate network.

Configure the proxy servers Configure the proxy servers for McAfee Client Proxy to redirect network traffic.


1 On the Policy Catalog page, select a policy.

2 From the Client Proxy Settings menu, select Proxy Servers.

3 In the Proxy Server List, select how McAfee Client Proxy connects to the proxy servers using theseoptions:

• connect to the first proxy server that is accessible based on their order in the following list.

• connect to the proxy server that has the fastest response time.

4 Add proxy servers to the Proxy Server List.a In the Proxy Server Address field, type the proxy server IP address or host name.

b In the Proxy Port field, type the port for the proxy server.

Port 8888 is outside of the proxy server configuration options.

c To direct HTTP/HTTPS requests to the McAfee Web Gateway or McAfee SaaS Web ProtectionService servers, select the HTTP/HTTPS checkbox.

d In the Non-HTTP/HTTPS Redirected Ports field, type the non-HTTP/HTTPS redirected ports.

For non-HTTP/HTTPS protocols, make sure the server supports the protocol.

e Click Add.

The proxy server appears in the Proxy Server List.

5 In the Actions list, click the arrows to move the proxy servers in the Proxy Server List.

Configuring and using McAfee Client Proxy with McAfee ePOConfigure a policy using McAfee ePO 3


Configure the client settingsConfigure the settings that define how deployed McAfee Client Proxy policies behave inside or outsidethe corporate network.


1 From the Client Proxy Settings menu, select Client Configuration.

2 In the Customer Identifier section, click Browse, select the XML file, then click Open.

The Unique Customer ID and Shared Password fields are automatically populated.

3 Configure the remaining options.

Configure the Bypass ListConfigure and add the web definitions to the Bypass List that end-user computers directly connect to bybypassing the policy.


1 From the Client Proxy Settings menu, select Bypass List.

2 From the Actions menu, select Add bypass list item, then select a web definition type.

The Choose from existing values dialog box appears.

3 Click New Item, enter the required information, then click Save.

4 Click OK.

Configure the Block ListTo reduce the amount of network traffic redirected to the proxy server, configure and add processes tothe Block List that are permanently blocked from communicating with the network.


1 From the Client Proxy Settings menu, select Block List.

2 Select an option for how to handle network traffic.

3 In the Process Name field, type the name of a process to block, then click Add.

4 Click Save.

Assign the policy using McAfee ePOAssign policies to specific end-user computers within your corporate network.


1 Select Menu | Systems | System Tree.

2 From the System Tree menu, select a group or subgroup.

3 Configuring and using McAfee Client Proxy with McAfee ePOConfigure a policy using McAfee ePO


3 Click the Assigned Policies tab.

4 From the Product drop-down list, select McAfee Client Proxy.

5 Click Edit Assignment.

The Policy Assignment for my Organization window appears.

6 Next to Inherit from, select Break inheritance and assign the policy and settings below.

7 From the Assigned policy drop-down list, select the policy.

8 Choose whether or not to lock policy inheritance.

9 Click Save.

View end-user installation dataView the number of end-user computers that have successfully installed McAfee Client Proxy withinthe past month.


1 From the McAfee ePO interface, select Menu | Reporting | Queries & Reports.

2 From the Groups list, expand Shared Groups, then select McAfee Client Proxy.

3 Create a query.

Option Definition

Select a querytype.

1 Select the Query tab, then select Actions | New.The Query Builder opens with the Result Types view active.

2 From the Feature Group list, select Policy Management.

3 Choose from these options:

• Applied Client Tasks

• Applied Policies

• Client Task Assignment Broken Inheritance

• Policy Assignment Broken Inheritance

4 Click Next.

Select a querylayout.

1 From the Display Results As list, select a graph or table for the query layout.Select a layout for your query that will best display your data.

2 Select the display options you want from the available lists.

3 To move to the Columns page, click Next.

Select querycolumns.

1 From the Available Columns list, select which columns to apply to your query.

2 In Selected Columns, select, drag and position each column.

3 To move to the Filter page, click Next.

Configuring and using McAfee Client Proxy with McAfee ePOView end-user installation data 3


Option Definition

Configureproperties.

From the Available Properties list, select which properties to use for filtering yourquery, and the appropriate values for each.

Run the query. Click Run.

Save the query. 1 To view the Save Query page, click Save.

2 Type a name for the query, add any notes, and select a group.

3 Click Save.

4 Create a report.

Option Definition

Select a query. 1 Click the Report tab, then select Actions | New.The Report Builder opens with the Report Layout view active.

2 From the Toolbox menu, select Query Chart, and drag it to the Report Layout area.The Configure Query Chart dialog box appears.

3 From the Query drop-down list, select MCP: Endpoint Install Success/Failed events in lastmonth.

4 Configure the remaining query options, then click OK.

Customize thereport.

1 In the Name, Description and Group tab, type a name, description, and which groupto use.

2 Use the Header and Footer and Page Setup tabs to specify how you want the query toappear in the report.

3 Use the Runtime Parameters tab to select report‑level filters.

Generate thereport.

Click Run.At this point, you can choose to run the report to get the informationimmediately, save to use it another time, or configure its appearance further byadding additional content.

Cancel policy enforcement using McAfee ePOEnd users request a bypass or uninstall key from their computer, and the administrator uses McAfeeHelp Desk to create and issue the key, which is valid for a specified time period.

Task1 The end user requests the bypass or uninstall key from their computer.

a Click the McAfee icon on the system tray.

b Select Manage Features | Request McAfee Client Proxy Bypass.

The Enter Release Code window appears.

2 The end user provides this information to the McAfee Client Proxy administrator:

• Computer Name

• Policy Name

3 Configuring and using McAfee Client Proxy with McAfee ePOCancel policy enforcement using McAfee ePO


• Policy Revision

• End-user system user name and email address

• Identification Code

• The Identification Code changes each time the Enter Release Code window opens, so do notclose the window.

• You can copy and paste the Identification Code, but you cannot edit it.

3 The administrator views the revision information.

a From the McAfee ePO interface, select Menu | Policy | Policy Catalog.

b From the Product drop-down list, select McAfee Client Proxy.

c Select a policy.

d Select Actions | View Revision Information.

The Current Revision Information dialog box appears.

e Write down the current revision number, then click OK.

4 The administrator generate the bypass or uninstall key.

a Select Menu | Systems | Help Desk.

b From the Services list, select from these options:

• Generate MCP Bypass Key

• Generate MCP Uninstall Key

c In the End user name field, type the end-user name.

d In the End user email address field, type the end-user email address.

e From the Client bypass password drop-down list, select the policy, then type the current revisionnumber.

f Configure the remaining options.

g Click Generate Key.

Send the release code that appears in the Release Code field to the end user.

5 On the end-user computer, type the release code in the Release Code field, then click OK.

Export the policy to an XML fileFor troubleshooting purposes, export the McAfee Client Proxy policy to an XML file.

Configuring and using McAfee Client Proxy with McAfee ePOExport the policy to an XML file 3



1 From the McAfee ePO interface, select a policy.

2 Select Actions | Export Policy to File.

The Export Policy to File dialog box appears.

3 Click the McAfee Client Proxy Client File link.

4 Save the file.

5 Click OK.

3 Configuring and using McAfee Client Proxy with McAfee ePOExport the policy to an XML file


4 Maintaining McAfee Client Proxy usingMcAfee ePO

Perform maintenance tasks to ensure McAfee Client Proxy operates as intended.

Contents Upgrade McAfee Client Proxy using McAfee ePO Install a hotfix Uninstall McAfee Client Proxy

Upgrade McAfee Client Proxy using McAfee ePODownload, install, and deploy the latest version of McAfee Client Proxy.


1 Download the latest version of the product files.

a Go to the McAfee Content & Cloud Security Portal.

b Enter your user name and password, then click Login.

c Select Software | McAfee Web Gateway | Tools | McAfee Client Proxy.

d Select and save the appropriate .zip file.

2 Install the extension.

a From the McAfee ePO interface, select Menu | Software | Extensions.

b Click Install Extension.

c Click Browse to locate the McAfee Client Proxy .zip file, click Open, then click OK.

The Install Package window appears.

d Click OK.

e Verify that the extension is installed, and select Menu | Software | Extensions.

3 Check in the package.

a Select Actions | Check in Package.

The Check in Package window appears.

4



b Select the package type, then click Browse.

c Choose the McAfee Client Proxy .zip file you downloaded earlier, then click Open.

McAfee Client Proxy appears in the Packages in Master Repository list.

4 Deploy the upgrade.a Select Menu | Systems | System Tree.

b From the System Tree list, select the subgroup level to deploy McAfee Client Proxy.

c Click the Assigned Client Tasks tab.

d From the Actions menu, select New Client Task Assignment.

e Configure the Client Task Assignment Builder options.

f Click Create New Task.

g Configure the Product Deployment options.

h Click Save.

i Click Next.

j From the Schedule type drop-down list, select Run immediately, then click Next.

k Review the task summary, then click Save.

Install a hotfix McAfee occasionally releases McAfee Client Proxy hotfixes to address product issues.If the hotfix includes release notes, use the release notes instructions to install the hotfix.

If the hotfix does not have release notes, use the following task.

Task1 Go to the McAfee Content & Cloud Security Portal.

2 Enter your user name and password, then click Login.

3 Select Software | McAfee Web Gateway | Tools | McAfee Client Proxy.

4 Select and save the hotfix installation file for your operating system.

5 Run the hotfix installation file.

6 Follow the on-screen prompts to complete the installation.

Uninstall McAfee Client ProxyTo fully uninstall McAfee Client Proxy, remove the extension and package from McAfee ePO, thenremove the software from the administrator operating system.

Contents Remove the extension from McAfee ePO Remove the package in McAfee ePO Create the Systems Management Server uninstall package

4 Maintaining McAfee Client Proxy using McAfee ePOInstall a hotfix



Run the uninstall package from a command line

Remove the extension from McAfee ePORemove the McAfee Client Proxy extension from McAfee ePO.


1 Log on to McAfee ePO as an administrator.

2 Select Menu | Software | Extensions.

3 From the Extensions list, select McAfee Client Proxy.

4 Click Remove.

Remove the package in McAfee ePORemove the McAfee Client Proxy package from the McAfee ePO Master Repository.


1 Select Menu | Software | Master Repository.

2 From the McAfee Client Proxy Actions column, click Delete.

Create the Systems Management Server uninstall packageTo uninstall McAfee Client Proxy, create an uninstall package using Microsoft Systems ManagementServer.

Task1 On the Systems Management Server console, right-click Packages, and select New | Package.

2 Click the General tab, and type the package information in the Name (required), Version, Publisher, andLanguage (optional) fields.

3 Click the Data Source tab.

a Select the This Package Contains Source Files checkbox.

b Click Set.

4 Configure the settings on the Set Source Directory window.

a In the Source directory location area, select the type of connection to the source directory setup files.

b In the Source directory field, type the source directory path.

c Click OK.

5 Click the Distribution Settings tab.

a From the Sending Priority drop-down list, select High.

b Click OK.

Under the Packages node of the site tree, the package appears.

Maintaining McAfee Client Proxy using McAfee ePOUninstall McAfee Client Proxy 4


6 Expand the new package.

a Right-click Distribution Points, then select New | Distribution Point.

b Select the server or servers for the package distribution points.

c Click Finish.

d Right-click Programs, then select New | Program.

e In the Name field, type the name for the program.

f In the Command line field, type the McAfee Client Proxy command line executable.

The .msi file name is extracted manually from the product installation .exe file.

7 Click the Environment tab.

a From the Program can run drop-down list, select Whether or not a user is logged on.

b Click OK.

Run the uninstall package from a command lineRun the Microsoft Systems Management Server uninstall package from a command line.





b Click Set.

4 Locate the UninstallString for McAfee Client Proxy Agent.

a In the registry editor, go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall.

b Click through the entries to find DisplayName: McAfee Client Proxy.

c Copy the UninstallString, for example:

MsiExec.exe /X{287AAE25-B0F4-4E9E-A7FD-8EA81FF635E1}

5 To uninstall, use the command line:

<uninstall string>/qn/forcestart

4 Maintaining McAfee Client Proxy using McAfee ePOUninstall McAfee Client Proxy


Managing McAfee Client Proxyoutside of a McAfee ePO system

Chapter 5 Completing the setup using the Control ConsoleChapter 6 Configuring and using McAfee Client Proxy with the Control ConsoleChapter 7 Maintaining McAfee Client Proxy on your system


Managing McAfee Client Proxy outside of a McAfee ePO system


5 Completing the setup using the ControlConsole

To set up McAfee Client Proxy in your corporate network using a system other than McAfee ePO,download and install the McAfee Client Proxy installation files from the Control Console.

Contents Check the system requirements Download and install the product files

Check the system requirementsVerify that your network systems meet the hardware and operating system requirements.

Table 5-1 Hardware requirements

Hardware type Specifications

Servers — Run the McAfee Client Proxy extension. • CPU — Intel Pentium IV 2.8 GHz or later


• Hard disk — 80 GB minimum


• CPU — Pentium III 1 GHz or later


• Hard disk — 200 MB minimum free disk space



Servers — Run the McAfee ClientProxy extension.

• Microsoft Windows 2003 Server Standard (SE) SP1 or later



End-user computers — Run theMcAfee Client Proxy software.

• Windows XP Professional SP3 or later

• Windows Vista SP2 or later


• Windows 8

5




Servers — Run the McAfee Client Proxyextension.

• Windows 2003 Server Standard (SE) SP1 or later





• Windows 8

Download and install the product filesDownload the McAfee Client Proxy product files from the McAfee Content & Cloud Security Portal orControl Console, and install them on the administrator operating system.

To download the McAfee Client Proxy product files from the Control Console, you must first have aMcAfee SaaS Web Protection Service account.

Task1 Log on to the operating system as an administrator.

2 Download the product files.

Option Steps

McAfee Content & Cloud SecurityPortal

1 Go to the McAfee Content & Cloud Security Portal.



4 Select and save the .zip file for your operating system.

Control Console 1 Log on to the Control Console as an administrator.

2 Select Web Protection | Setup | McAfee Client Proxy.

3 Click Download MCP.

4 Select and save the .zip file for your operating system.

3 Install the product files. Do one of the following:

• Run McpInstaller.x64.exe

• Run McpInstaller.86.exe

Follow the on-screen prompts to complete the installation.

5 Completing the setup using the Control ConsoleDownload and install the product files



6 Configuring and using McAfee ClientProxy with the Control Console

Use the Control Console to manage and configure the options that define the McAfee Client Proxypolicies enforced on end-user computers.

Contents Configurable policy options Create a policy using the Control Console Deploy to end-user computers using other systems View status and configuration details Generate a release code

Configurable policy optionsPolicy options allow you to tune multiple settings when you configure policies.

The following are configurable policy options available in the Control Console.

Customer ID and secret key

McAfee Client Proxy includes a customer ID and secret key in its policy definition to ensure that clientidentities are securely protected.

Use the ePO Export button to download the customer ID XML file for use with McAfee ePO. If you areusing McAfee ePO, McAfee recommends using McAfee ePO to manage McAfee Client Proxy policiesinstead of the Control Console.

Proxy servers

When McAfee Client Proxy detects that an end-user computer is disconnected from the corporatenetwork, network traffic is automatically redirected to McAfee Web Gateway or McAfee SaaS WebProtection Service servers, which are configured in the proxy servers list.

You can configure how McAfee Client Proxy connects to proxy servers using these options:

6


• Connect to the first proxy server that is accessible based on their order in the following list — McAfee Client Proxyconnects to the first proxy server in the proxy servers list. If the connection to the first proxyserver in the list fails, the software attempts a connection on the second proxy server in the list. Ifthe connection is lost during transmission, the software reconnects with the first proxy server inthe list.

• Connect to the proxy server that has the fastest response time — McAfee Client Proxy connects to the closestproxy server in the proxy servers list based on the proxy server response time. If the connection tothe closest proxy server fails, the software attempts to connect to the second closest proxy server.If the connection is lost during transmission, the software reconnects with the original closest proxyserver.

When HTTP/HTTPS traffic is redirected, McAfee Client Proxy adds metadata to the request, such as:

• Identification tokens

• Encrypted domain user names

• AD groups

The proxy server uses this metadata to verify that McAfee Client Proxy is redirecting the networktraffic, then determines the policy definitions configured in the associated policy.

Bypass list

Each policy maintains a list of definitions for McAfee Client Proxy to bypass when network traffic isredirected to the proxy server.

The bypass list can include domain names, network addresses, network ports, and processes thatend-user computers connect to directly.

Block list

Each policy maintains a list of processes that are permanently blocked from network communication.

The block list reduces the amount of network traffic redirected to the proxy server, but can also applyunintended Internet access restrictions to end-user computers.

Redirection settings

McAfee Client Proxy communicates with McAfee ePO, or other configured proxy servers, to verify thatthe end user is working inside the corporate network.

McAfee Client Proxy also checks a list of corporate servers to detect when an end-user computer isconnected through VPN.

When McAfee Client Proxy detects that an end user is working inside the corporate network or throughVPN, the software stops redirecting web traffic and network communication.

6 Configuring and using McAfee Client Proxy with the Control ConsoleConfigurable policy options


Create a policy using the Control ConsolePolicies are created and saved as McAfee SaaS Web Protection Service web protection policies. Use theControl Console to create and configure policies that are deployed to end-user computers.

Before you beginRequest a customer ID and password from the McAfee Web Gateway or McAfee SaaS WebProtection Service administrator.

To use McAfee Client Proxy with McAfee SaaS Web Protection Service, McAfee SaaS WebProtection Service must be activated.

Task1 From the Control Console interface, select Web Protection | Policies | McAfee Client Proxy Policies.

2 In the Secret Key field, enter your secret key.

A secret key must be entered to enable McAfee Client Proxy policies.

3 Click New.

The New McAfee Client Proxy Policy dialog box appears.

4 Click the Details tab.

a In the Name field, type the policy name.

b Type an optional description.

c To prevent uninstallation, interruption, and policy manipulation, select the Enable Access Protectioncheckbox.

d To provide the administrator with ability to generate release code, select the Request Release key formanual uninstall checkbox.

e Define the Client Logging level.

Tasks• Configure the proxy servers on page 36

Configure the proxy servers for McAfee Client Proxy to redirect network traffic.

• Configure the bypass list on page 36Configure and add the web definitions to the bypass list that end-user computers directlyconnect to by bypassing the policy.

• Configure the block list on page 37To reduce the amount of network traffic redirected to the proxy server, configure and addprocesses to the block list that are permanently blocked from communicating with thenetwork.

• Configure redirection settings on page 37Configure the options to redirect web traffic to a proxy server instead of the originaldestination address.

Configuring and using McAfee Client Proxy with the Control ConsoleCreate a policy using the Control Console 6


Configure the proxy serversConfigure the proxy servers for McAfee Client Proxy to redirect network traffic.

Task1 Click the Proxy Servers tab.

2 Click New.

3 Add proxy servers to the policy.

a In the Proxy Server Address field, type the proxy server IP address or host name.

b In the Port field, type the port for the proxy server.

Port 8888 is outside of the proxy server configurable options.

c To direct HTTP/HTTPS requests to the McAfee Web Gateway or McAfee SaaS Web ProtectionService servers, select Yes from the HTTP/HTTPS drop-down list.

d In the Non-HTTP/HTTPS Redirected Ports field, type the non-HTTP/HTTPS redirected ports.

For non-HTTP/HTTPS protocols, make sure the server supports the protocol.

4 Configure the remaining options.

a In the Additional Ports field, type any additional ports to redirect as HTTP/HTTPS traffic.

b To bypass McAfee Client Proxy for local addresses in your internal network, select the Bypass theMcAfee Client Proxy for local addresses checkbox.

To remove a proxy server, click Delete.

Configure the bypass listConfigure and add the web definitions to the bypass list that end-user computers directly connect toby bypassing the policy.

Task1 Click the Bypass List tab.

2 Click New.

3 From the Type drop-down list, select a type.

4 In the Value field, type the value.

To remove a definition from the bypass list, click Delete.

6 Configuring and using McAfee Client Proxy with the Control ConsoleCreate a policy using the Control Console


Configure the block listTo reduce the amount of network traffic redirected to the proxy server, configure and add processes tothe block list that are permanently blocked from communicating with the network.

Task1 Click the Block List tab.

2 Click New.

3 In the Executable Name field, type a value.

To remove a process from the block list, click Delete.

Configure redirection settings Configure the options to redirect web traffic to a proxy server instead of the original destinationaddress.

Task1 Click the Redirection Settings tab.

2 To enable corporate detection, select the Enable checkbox.

3 From the Corporate Servers or Corporate VPNs areas, click New.

4 In the Server Address field, type the IP address or host name.

5 In the Port field, type the port number.

6 Click Save.

To remove an item from the Corporate Servers or Corporate VPNs lists, click Delete.

Deploy to end-user computers using other systemsDeploy McAfee Client Proxy polices to end-user computers using Microsoft Systems ManagementServer.

McAfee recommends using McAfee ePO to deploy McAfee Client Proxy. If you do not have access toMcAfee ePO, use Microsoft Systems Management Server.

Contents Create an installation package using Microsoft Systems Management Server Create the advertisement using Microsoft Systems Management Server

Create an installation package using Microsoft SystemsManagement ServerTo install the executable files on the administrator operating system, use Microsoft SystemsManagement Server to create a package.

Before you beginThe .opg file from the McAfee Client Proxy installation executable file must already beinstalled on the administrator operating system.

Configuring and using McAfee Client Proxy with the Control ConsoleDeploy to end-user computers using other systems 6


Task1 Download the Microsoft Visual C++ 2005 SP1 Redistributable Package (x86).

a Go to the Microsoft Download Center page.

b Click Download.

2 On the Systems Management Server console, right-click Packages, and select New | Package.

3 Click the General tab, and type the Name (required), Version, Manufacturer, and Language (optional) for thepackage.

4 Click the Data Source tab, select the This Package Contains Source Files checkbox, then click Set.

The Set Source Directory window appears.

5 Configure the settings, then click OK.


a From the Sending priority drop-down list, select High.

b Click OK.

The package appears under the Packages node of the site tree.

7 Expand the Packages node.

a Right-click Distribution Points, then select New | Distribution Points.

b Select the distribution points server or servers for the package.

c Click Finish.

d Right-click Programs, then select New | Programs.

e In the Name field, type the application name.

f In the Command Line field, type the McAfee Client Proxy command line executable. For example:

msiexec /I MCPInstaller.msi /qn /forcerestart

The .msi file name is extracted manually from the McpInstaller.x86.exe file.

McAfee recommends restarting your operating system after the package has finished installation. Toenable this option use this parameter:

/forcerestart

To enable the installation log use:

/log <LogFile>



b Verify that the Run with Administrative Rights checkbox is selected.

c Click OK.

6 Configuring and using McAfee Client Proxy with the Control ConsoleDeploy to end-user computers using other systems


http://www.microsoft.com/en-us/download/details.aspx?id=5638

Create the advertisement using Microsoft Systems ManagementServerTo manually deploy McAfee Client Proxy policies to end-user computers, create the Microsoft SystemsManagement Server advertisement.

Task1 On the Systems Management Server console, right-click Advertisements, and select New | Advertisement.

2 Type the advertisement name.

3 From the Package drop-down list, select the McAfee Client Proxy package.

4 From the Program drop-down list, select the McAfee Client Proxy application.

5 Click Browse, select the collection that the McAfee Client Proxy installation package is applied to,then click OK.

6 On the Schedule tab, confirm the advertisement time, and specify the advertisement expiration.

7 Click OK.

View status and configuration detailsView status and configuration details using the Microsoft Windows registry.

Before you run an .reg file, confirm it is a genuine import file.

Task1 From your Windows-based system, click Start | Run.

The Run dialog box appears.

2 In the Open field, type regedit, then click OK.

3 Browse to HKEY_LOCAL_MACHINE\SOFTWARE\McAfee\MCP\About.

Do not change these values:

• Active Proxy • Policy Revision

• Connection Status • Policy Timestamp

• Policy Name

Generate a release codeTo temporarily cancel policy enforcement on end-user computers, end users request a release codefrom the administrator.

The end user requests the release code from their computer, and the administrator uses McAfee HelpDesk to create and issue the code, which is valid for a specified time period.

Configuring and using McAfee Client Proxy with the Control ConsoleView status and configuration details 6


Task1 On the end-user computer, click the McAfee icon on the system tray, then select Manage Features |

Request McAfee Client Proxy Bypass.

The Enter Release Code window appears.

2 The end user provides this information to the McAfee Client Proxy administrator:

• Computer Name

• Policy Name

• Policy Revision

• End-user system user name and email address

• Identification Code

• The Identification Code changes each time the Enter Release Code window opens, so do notclose the window.

• You can copy and paste the Identification Code, but you cannot edit it.

3 The administrator uses this information to generate and send the Release Code to the end user:

• Sent information from the end user.

• Enter end user identification code — Allows the administrator to copy and paste the Identification Code.

• User master release code — Allows the administrator to generate a release code that can be used forany network computer.

Once the master release code has been generated, it must be used within 60 minutes.

• Generate Key — Generates the release code.

Send the release code that appears in the Release Code field to the end user.

4 On the end-user computer, type the release code in the Release Code field, then click OK.

6 Configuring and using McAfee Client Proxy with the Control ConsoleGenerate a release code


7 Maintaining McAfee Client Proxy on yoursystem

View the McAfee Client Proxy status and configuration details, or uninstall the software from theadministrator operating system.

Contents Upgrade McAfee Client Proxy on your system Install a hotfix Uninstall McAfee Client Proxy

Upgrade McAfee Client Proxy on your systemDownload and install the latest version of McAfee Client Proxy.

Task1 Copy all existing policy files to a temporary file on your system.

2 Go to the McAfee Content & Cloud Security Portal.



5 Select and save the .zip file for the latest version of McAfee Client Proxy.

6 From the .zip file, locate and run the installation file, then follow the prompts to install thesoftware.

Install a hotfix McAfee occasionally releases McAfee Client Proxy hotfixes to address product issues.If the hotfix includes release notes, use the release notes instructions to install the hotfix.

If the hotfix does not have release notes, use the following task.

Task1 Go to the McAfee Content & Cloud Security Portal.



4 Select and save the hotfix installation file for your operating system.

7




5 Run the hotfix installation file.

6 Follow the on-screen prompts to complete the installation.

Uninstall McAfee Client ProxyTo fully uninstall McAfee Client Proxy, remove the software from the administrator operating system.

Contents Create the Systems Management Server uninstall package Run the uninstall package from a command line

Create the Systems Management Server uninstall packageTo uninstall McAfee Client Proxy, create an uninstall package using Microsoft Systems ManagementServer.





b Click Set.

4 Configure the settings on the Set Source Directory window.

a In the Source directory location area, select the type of connection to the source directory setup files.

b In the Source directory field, type the source directory path.

c Click OK.


a From the Sending Priority drop-down list, select High.

b Click OK.

Under the Packages node of the site tree, the package appears.

6 Expand the new package.

a Right-click Distribution Points, then select New | Distribution Point.

b Select the server or servers for the package distribution points.

c Click Finish.

d Right-click Programs, then select New | Program.

e In the Name field, type the name for the program.

f In the Command line field, type the McAfee Client Proxy command line executable.

The .msi file name is extracted manually from the product installation .exe file.

7 Maintaining McAfee Client Proxy on your systemUninstall McAfee Client Proxy




b Click OK.

Run the uninstall package from a command lineRun the Microsoft Systems Management Server uninstall package from a command line.





b Click Set.

4 Locate the UninstallString for McAfee Client Proxy Agent.

a In the registry editor, go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall.

b Click through the entries to find DisplayName: McAfee Client Proxy.

c Copy the UninstallString, for example:

MsiExec.exe /X{287AAE25-B0F4-4E9E-A7FD-8EA81FF635E1}

5 To uninstall, use the command line:

<uninstall string>/qn/forcestart

Maintaining McAfee Client Proxy on your systemUninstall McAfee Client Proxy 7


7 Maintaining McAfee Client Proxy on your systemUninstall McAfee Client Proxy


Index

Aabbreviations used in this guide 5about this guide 5access protection 17, 20

active directory groups 17, 20

Bbypass key 22, 39

Cconventions and icons used in this guide 5corporate network detection 17, 20, 37

corporate VPN detection 17, 20

customer ID 17, 20, 37

Ddeployment options 9documentation

product-specific, finding 6typographical conventions and icons 5

Eend-user computer requirements 13, 31

ePolicy Orchestrator 8

Hhardware requirements 13, 31

Iinstallation

hotfix 26, 41

product files 14, 32

Llog file settings 17, 20, 37

MMcAfee Common Catalog 17, 20

McAfee ePOblock list, configure 20

bypass list, configure 20

McAfee ePO (continued)Client Configuration 17

client settings, configure 20

deploy 9, 15

end-user installation data, view 21

extension, install 14

extension, remove 27

package, check in 15

package, remove 27

policy, configure 18

Proxy Server List, configure 19

setup 13

upgrade the software 25

McAfee SaaS Control Consoleblock list, configure 37

bypass list, configure 36

proxy servers, configure 36

redirection settings, configure 37

McAfee SaaS Web Protection Service 5, 8, 17, 19, 33, 36, 37

McAfee ServicePortal, accessing 6McAfee Web Gateway 5, 8, 17, 19, 33, 36, 37

Microsoft Systems Management Serveradvertisement, create 39

deploy 9installation package, create 37

run uninstall package 28, 43

uninstall package 27, 42

Ooperating system requirements 13, 31

overview 8

Ppolicy

assign 20

export to XML file 23

policy optionsblock list 33

Block List 17

bypass list 33

Bypass List 17

Client Configuration 17

Proxy Server List 17


policy options (continued)proxy servers 33

redirection settings 33

processes, block 20, 37

Proxy Server List 19

Qqueries 21

Rrelease code 22, 39

reports 21

Sserver software requirements 13, 31

ServicePortal, finding product documentation 6

setupsystem requirements 13, 31

status and configuration details 39

TTechnical Support, finding product information 6traffic redirection 17, 20

Uuninstall key 22, 39

upgrade the software 41

VVPN 5, 8VPN detection 37

Index


00-B00

mcafee client proxy 1.1 · pdf filemcafee client proxy software on mcafee epo servers must be...

Documents