Updating McAfee Endpoint Security during Deep Freeze Maintenance
Posted by Adam Zilliax, Last modified by Adam Zilliax on 14 February 2018 11:09 AM
This document will detail the recommended practice for configuring a McAfee Endpoint Security to update properly when Deep Freeze is protecting a workstation.
Deep Freeze provides administrators with a way to protect workstations from changes by rolling back any change made to the computer at reboot. Deep Freeze does not make any distinction between changes that are malicious, or changes that are desired on a workstation and this can pose some challenges in managing 3rd party products that require updates to occur on a periodic basis.
The most common interaction that we find on customers workstations is between antivirus software and Deep Freeze. Antivirus software by design requires periodic updates to maintain it’s effectiveness on a client workstation, and problems may arise unless steps are taken to ensure that the antivirus software can perform updates in a timely manner.
Scheduled are used to configure the antivirus software to update in a time frame where Deep Freeze will not be protecting the workstations. This has the advantage of being one of the less difficult methods to configure but does require that the workstations have a period of time where they will not be used and can be configured to update automatically.
Configuring McAfee Endpoint Security to update with Deep Freeze
McAfee Endpoint Security supports the use of a command line function that can be used to trigger antivirus updates when the workstations enter into maintenance mode. To configure Deep Freeze to trigger McAfee Endpoint Security to update when maintenance mode starts follow the process below:
Deep Freeze 8.x or Higher