This document will detail the recommended practice for configuring a McAfee Endpoint Security to update properly when Deep Freeze is protecting a workstation.
Deep Freeze provides administrators with a way to protect workstations from changes by rolling back any change made to the computer at reboot. Deep Freeze does not make any distinction between changes that are malicious, or changes that are desired on a workstation and this can pose some challenges in managing 3rd party products that require updates to occur on a periodic basis.
The most common interaction that we find on customers workstations is between antivirus software and Deep Freeze. Antivirus software by design requires periodic updates to maintain it’s effectiveness on a client workstation, and problems may arise unless steps are taken to ensure that the antivirus software can perform updates in a timely manner.
Scheduled are used to configure the antivirus software to update in a time frame where Deep Freeze will not be protecting the workstations. This has the advantage of being one of the less difficult methods to configure but does require that the workstations have a period of time where they will not be used and can be configured to update automatically.
Configuring McAfee Endpoint Security to update with Deep Freeze
McAfee Endpoint Security supports the use of a command line function that can be used to trigger antivirus updates when the workstations enter into maintenance mode. To configure Deep Freeze to trigger McAfee Endpoint Security to update when maintenance mode starts follow the process below:
Deep Freeze 8.x or Higher
- Open the Deep Freeze Configuration Administrator.
- Configure your Deep Freeze install package as per your normal requirements, including passwords and other settings that may be required.
- Click on the Workstation Tasks tab.
- Select Batch File in the Task Type drop down and click Add.
- Name the event “McAfee Antivirus” in the Name field.
- Select the frequency for the updates to occur in the Day drop down and set the start and end time for the event.
- The options “Allow User to Cancel Event”, “Shutdown after Maintenance”, and “Disable Keyboard and Mouse” can be enabled if desired.
- Click on the Batch File tab.
- Enter the following in the Batch File Contents field on the tab:
IF EXIST "C:\Program Files\McAfee\Endpoint Security\Threat Prevention\amcfg.exe" "C:\Program Files\McAfee\Endpoint Security\Threat Prevention\amcfg.exe" /UPDATE
IF EXIST "C:\Program Files (x86)\McAfee\Endpoint Security\Threat Prevention\amcfg.exe" "C:\Program Files (x86)\Endpoint Security\Threat Prevention\amcfg.exe" /UPDATE
- Click on the “Create” button on the toolbar and save the Workstation Install Program in a location that you will remember.
- Install the updated workstation install file on your workstations.