advertisement
Release Notes
McAfee VirusScan Enterprise for Linux 1.9.2
Contents
About this release
New features
Resolved issues
Installation instructions
Known issues
Find product documentation
About this release
This document contains important information about the current release. We strongly recommend that you read the entire document.
We do not support the automatic upgrade of a pre-release software version. To upgrade to a production release of the software, you must first uninstall the existing version.
Release date — March 29, 2016
This release was developed and tested with:
• McAfee ® VirusScan ® Enterprise for Linux 1.9.2
• Engine version — 5800.7501
• DAT version — 8106
1
New features
This release of the software includes these features.
Feature
Option to exclude network-mounted volumes from on-demand scanning
Anti-spyware support
Common extension for McAfee
VirusScan Enterprise for Linux
Open SSL 1.0.1s upgrade
5800 Engine support
Description
You can include or exclude network-mounted volumes from an on-demand scan.
Protects your Linux systems from spyware threats.
Allows you to use a single extension to manage McAfee VirusScan
Enterprise for Linux 1.9.2 and 2.x versions.
Packaged with the Open SSL library version to 1.0.1s that fixes the
CVE-2016-0800 issues such as weak-SSL-ciphers, double free bug in DSA private key, SRP fake user, memory issues in BIO printf functions, and Side channel attack. For more information about these vulnerabilities, click here .
Pre-packaged with the latest 5800 engine that provides enhanced detection capabilities.
Resolved issues
These issues are resolved in this release of the product.
• Resolves the open vulnerability issue CVE-2015-7547 - Multiple stack-based buffer overflow in the
libresolv library.
• The scheduled on-demand scan no longer takes more time than the manual on-demand scan.
(1094660)
• The logepo service now starts on nails start service when the Detail Log level option is set to Low in the McAfee VirusScan Enterprise for Linux general policy. (1080156)
• McAfee VirusScan Enterprise for Linux installation no longer fails when the /tmp directory definition is set to none. (1095938)
• When you upgrade McAfee VirusScan Enterprise for Linux, the /etc/crontab directory's permission is no longer changed to 640 from the default permission 644. (1079576)
• When McAfee VirusScan Enterprise for Linux and McAfee ® Host Intrusion Prevention services co-exist, the Hipsec and schook drivers now load successfully when the nails service is started with on-access scan enabled before McAfee Host Intrusion Prevention starts. (1112257)
• The McAfee VirusScan Enterprise for Linux mer log now successfully captures logs for McAfee
®
Agent 5.0 and later. (1119763)
• The .o object file in the linuxshield kernel modules is upgraded to .ko object file. (1120911)
• The Threat Source and the Target IP address now appear as proper IP addresses in the event log rather than 0.0.0.0. (1121565)
• When the on-access scan is enabled in McAfee VirusScan Enterprise for Linux, mounting the CD drive no longer causes the system to crash. (1113891)
• McAfee VirusScan Enterprise for Linux deployment with McAfee Agent 5.0 no longer fails when a hotfix is checked in. (1105120)
The hotfix solutions HF988521, HF1065267, and HF1073855 that are resolved in the McAfee
VirusScan Enterprise for Linux 1.9.1 release are merged with this release.
2
Installation instructions
Make sure that your system meets these requirements, and install the software on standalone and managed systems.
System requirements
Make sure that your system meets these requirements for successful installation.
Component
Processors
Description
• Intel x86 architecture-based processor
• Intel x86_64 architecture-based processor that supports Intel Extended
Memory 64 Technology (Intel EM64T)
• AMD x86_64 architecture-based processor with AMD 64-bit technology
Memory
Minimum: 2 GB
Recommended: 4 GB
Disk space
Supported operating systems (32-bit and
64-bit)
1 GB
• SuSE Linux Enterprise Server/Desktop 10.x, 11, and 11 SP1
• Red Hat Enterprise 5.x and 6.x (Server/Workstation/Client)
• Oracle Enterprise Linux 5.x and 6.x (Generic and UEK kernels)
• CentOS 5.x and 6.x
Cloud platforms
This release doesn't support RHEL 5.0 and 5.1 because it doesn't support the
Glibc 2.18 application that McAfee VirusScan Enterprise for Linux uses.
• Novell Open Enterprise Server 2.x and 11.x
• Ubuntu 10.04, 10.10, 11.04, 11.10, 12.04 and 12.10 (Desktop/Server)
This release supports cloud service such as Amazon Elastic Compute Cloud
(EC2) for operating systems that McAfee VirusScan Enterprise for Linux 1.9.2
supports.
For the complete list of supported distributions, see McAfee KnowledgeBase article KB72999 .
Virtual platforms
• VMware
• KVM
• Citrix Xen
• Virtual box
• Xen
• Guest operating system on Xen
Hypervisor
McAfee
Management software
McAfee ® Agent
• McAfee ® ePolicy Orchestrator ® (McAfee ePO ™ ) 4.x and 5.x
McAfee Agent 4.8 Patch 3 and 5.x
3
4
Prerequisites for RPM-based systems
Make sure that your systems meet these prerequisites to install the software successfully.
• Make sure that there is no user named nails or group named nailsgroup on the computer.
• You must have root permission to install the software.
During the installation, you are prompted to type a password and other information. For most of the questions, you can accept the default value that is offered. For silent installation and deployment through McAfee ePO, you must set up a password before installation or deployment.
Use the passwd command or use the Change Password task from McAfee ePO.
• If you install McAfee VirusScan Enterprise for Linux on 64-bit RHEL, CentOS, or OEL systems, make sure that the 32-bit PAM libraries are also installed (pam.i686). You must install:
• libgcc (yum install libgcc) library
• pam (yum install pam.i386) library
You can install these packages using the YUM management tool or the rpm tool. During the installing, don't skip any dependencies software installation. When you install the libraries using the YUM repository, it automatically installs all the dependencies. If you install the libraries using rpm, you must install the dependencies manually.
• To configure email notification for alerts (if needed), configure the Mail Transfer Agent (MTA) with the following information:
• Email address of the McAfee VirusScan Enterprise for Linux administrator
• IP address of the SMTP host
• TCP/IP port number of the SMTP host
Install the software on RPM-based standalone systems (RHEL,
SUSE, OEL, and CentOS)
Install the software on standalone systems and configure the settings as required.
This release doesn't support RHEL 5.0 and 5.1 because it doesn't support the Glibc 2.18 application that
McAfee VirusScan Enterprise for Linux uses.
Task
1
Download McAfeeVSEForLinux-1.9.2.<build_number>.zip to a temporary directory, then execute these commands in sequence.
# unzip McAfeeVSEForLinux-1.9.2.<build_number>.zip
# cd McAfeeVSEForLinux-1.9.2.<build_number>
# tar -zxvf McAfeeVSEForLinux-1.9.2.<build_number>-release-full.noarch.tar.gz
# tar -zxvf McAfeeVSEForLinux-1.9.2.<build_number>-release-full.noarch.tar.gz
# tar -zxvf McAfeeVSEForLinux-1.9.2.<build_number>-release.tar.gz
# tar -zxvf McAfeeVSEForLinux-1.9.2.<build_number>-others.tar.gz
2
Install McAfee Runtime: rpm -ivh MFErt.i686.rpm
3
Install McAfee Agent: rpm -ivh MFEcma.i686.rpm
4
Confirm that McAfee Agent is running correctly:
/etc/init.d/cma status
5
Install McAfee VirusScan Enterprise for Linux: bash McAfeeVSEForLinux-1.9.2.<build_number>-installer
6
Answer the questions when prompted, accept the default values, or type custom values.
7
When prompted to start the VirusScan services, select the default option Y.
8
Confirm McAfee VirusScan Enterprise for Linux is installed and running correctly:
/etc/init.d/nails status
Configure the installation prerequisites for Ubuntu-based systems
Before installing McAfee VirusScan Enterprise for Linux on 64-bit Ubuntu systems, perform these steps.
Task
1
Copy pam_unix.so and pam_nologin.so from /lib/security of a 32-bit Ubuntu system (until version 10.10) to a temporary directory (/tmp) to the 64-bit Ubuntu system. From Ubuntu 11.04
and later, these files are available under the /lib/i386-linux-gnu/security directory.
2
In the root directory, create a folder pam32lib.
3
Copy pam_unix32.so and pam_nologin.so files to the pam32lib directory: cp /tmp/pam_unix.so /pam32lib/pam_unix32.so
cp /tmp/pam_nologin.so /pam32lib/pam_nologin32.so
Install the software on Ubuntu-based standalone systems
Install the software on Ubuntu systems and configure the software.
Task
1
Download McAfeeVSEForLinux.1.9.2.<build_number>.zip to a temporary directory and execute these commands in the order shown:
# unzip McAfeeVSEForLinux-1.9.2.<build_number>.ZIP
# cd McAfeeVSEForLinux-1.9.2.<build_number>
# tar -zxvf McAfeeVSEForLinux-1.9.2.<build_number>-release-full.noarch.tar.gz
# tar -zxvf McAfeeVSEForLinux-1.9.2.<build_number>-release.tar.gz
# tar -zxvf McAfeeVSEForLinux-1.9.2.<build_number>-others.tar.gz
2
Install McAfee Runtime: sudo dpkg -i MFErt.i686.deb
3
Install McAfee Agent: sudo dpkg -i MFEcma.i686.deb
4
Confirm that McAfee Agent is running correctly:
/etc/init.d/cma status
5
6
5
Install McAfee VirusScan Enterprise for Linux: sudo bash McAfeeVSEForLinux-1.9.2.<build_number>-installer
6
Answer the questions when prompted. Accept the default values, or type custom values.
7
When prompted to start the McAfee VirusScan Enterprise for Linux services, type the default option
Y.
8
Confirm that McAfee VirusScan Enterprise for Linux is installed and running correctly:
/etc/init.d/nails status
The message The McAfeeVSEForLinux daemon is running: process information follows appears.
For information about installing McAfee VirusScan Enterprise for Linux on Novell Open Enterprise
Server, see McAfee VirusScan Enterprise for Linux 1.9.x Installation Guide.
Install the software in silent mode on RPM-based systems
(RHEL, SUSE, OEL, and CentOS)
Use the command line option to install the software in silent mode.
Before you begin
You must have McAfee Runtime and McAfee Agent already installed on the computer.
Task
1
Create a file nails.options in the root home directory.
For example:
SILENT_ACCEPTED_EULA="yes"
SILENT_INSTALLDIR="/opt/NAI/LinuxShield"
SILENT_RUNTIMEDIR="/var/opt/NAI/LinuxShield"
SILENT_ADMIN="[email protected]"
SILENT_HTTPHOST="0.0.0.0"
SILENT_HTTPPORT="55443"
SILENT_MONITORPORT="65443"
SILENT_SMTPHOST="0.0.0.0"
SILENT_SMTPPORT="25"
SILENT_NAILS_USER="nails"
SILENT_NAILS_GROUP="nailsgroup"
SILENT_CREATE_USER="yes"
SILENT_CREATE_GROUP="yes"
SILENT_RUN_WITH_MONITOR="yes"
SILENT_QUARANTINEDIR="/quarantine"
SILENT_START_PROCESSES="yes"
Use the SILENT_CONTINUE_INSTALL_ON_PAM_ERROR option only when the 32-bit PAM libraries are not present. If you set this flag to "Yes" and continue without PAM libraries, the installation monitor component is skipped, and the web interface is not available. You can still manage the
McAfee VirusScan Enterprise for Linux host using McAfee ePO.
2
Type the following command: bash McAfeeVSEForLinux-1.9.2.<build_number>-installer
3
Use the command passwd to assign a password to the user nails.
For information about installing McAfee VirusScan Enterprise for Linux on Novell Open Enterprise
Server, see McAfee VirusScan Enterprise for Linux 1.9.x - Installation Guide.
Install the software in silent mode on Ubuntu-based systems
Use the command line to install the software on Ubuntu systems in silent mode.
Before you begin
Make sure that the pam32lib library files are copied properly on the 64-bit Ubuntu system.
For more information, see Configure the installation prerequisites for Ubuntu-based
systems.
Task
1
Verify that the nails.options file is present in the root directory.
2
Type the following command: sudo bash McAfeeVSEForLinux-1.9.2.<build_number>-installer
3
Use the command passwd to assign a password to the user nails.
For more information about installing the software on Novell Open Enterprise Server, see McAfee
VirusScan Enterprise for Linux1.9.x Installation Guide.
Upgrade the software (RPM and Ubuntu systems)
You can upgrade the software from McAfee VirusScan Enterprise for Linux 1.7.1, 1.9.0, or 1.9.1 to
McAfee VirusScan Enterprise for Linux 1.9.2.
Task
1
Upgrade McAfee Agent.
• For RPM based systems: rpm -Uvh MFErt.i686.rpm
rpm -Uvh MFEcma.i686.rpm
• For Ubuntu systems: sudo dpkg -i MFErt.i686.deb
sudo dpkg -i MFEcma.i686.deb
2
Confirm that McAfee Agent is running correctly:
/etc/init.d/cma status
3
Upgrade McAfee VirusScan Enterprise for Linux.
• For RPM based systems: bash McAfeeVSEForLinux-1.9.2.<build number>-installer
• For Ubuntu systems: sudo bash McAfeeVSEForLinux-1.9.2.<build number>-installer
4
Restart the computer: reboot
When you upgrade the software, the existing on-access scan settings, on-demand scan settings, and the exclusions list are migrated.
7
8
Integrate the software using McAfee ePO
Install and deploy the software from the McAfee ePO console.
Before you begin
You must manually migrate the existing policies and tasks before upgrading the extensions.
Task
1
Log on to the McAfee ePO server as an administrator.
2
Extract the McAfeeVSEForLinux-1.9.2.<build_number>.zip to a temporary directory on the
McAfee ePO system.
3
From the temporary directory, extract these files in the following sequence:
McAfeeVSEForLinux-1.9.2.<build_number>-release-full.noarch.tar.gz
McAfeeVSEForLinux-1.9.2.<build_number>-release.tar.gz
McAfeeVSEForLinux-1.9.2.<build_number>-others.tar.gz
4
Check in the McAfee Agent MSA-LNX_4.8.0.3_Package.zip file to the Master Repository.
5
Check in the McAfeeVSEForLinux-1.9.2.<build_number>-release-epo.zip file to the Master
Repository.
6
Check in these extensions to McAfee ePO:
EPOAGENTMETA.ZIP
LYNXSHLDMETA.ZIP
LYNXSHLDPARSER.ZIP
vsel_help.zip
You must manually remove the vesl_201_help extension from the McAfee ePO server.
7
Deploy McAfee Agent 4.8 Patch 3 to the client computer.
8
Create a product deployment task in McAfee ePO to deploy McAfee VirusScan Enterprise for Linux
1.9.2 to the client computer.
9
For managed systems upgraded through McAfee ePO, reboot the client computer.
10 To verify that McAfee VirusScan Enterprise for Linux is installed and running correctly, type this command on the client system:
/etc/init.d/nails status
For information about integrating and configuring McAfee VirusScan Enterprise for Linux using McAfee ePO, see the product guide for your version of McAfee ePO.
Start VirusScan Enterprise for Linux
After installing the software, start VirusScan Enterprise for Linux services and configure the settings as needed.
Task
1
From a supported web browser, go to https://<hostname or IP address>:<port number>
Specify the host name or IP address of the computer where VirusScan Enterprise for Linux is installed. By default, the port number is 55443. For example, https://192.168.200.200:55443 or https://server1:55443.
2
On the logon page, type the user name nails, type the password that you specified during the installation, then click Log on.
Uninstall the software
Remove the software from the RPM and Ubuntu-based systems.
Task
1
Uninstall the software from the standalone systems.
• For RPM-based systems: rpm -e McAfeeVSEForLinux rpm -e MFEcma rpm -e MFErt
• For Ubuntu-based systems: dpkg --purge mcafeevseforlinux dpkg --purge mfecma dpkg --purge mfert
2
Uninstall the software from managed systems using McAfee ePO, by creating a product deployment task.
Known issues
For a list of known issues in this product release, see this McAfee KnowledgeBase article: KB78126 .
Find product documentation
On the ServicePortal, you can find information about a released product, including product documentation, technical articles, and more.
Task
1
Go to the ServicePortal at https://support.mcafee.com
and click the Knowledge Center tab.
2
In the Knowledge Base pane under Content Source, click Product Documentation.
3
Select a product and version, then click Search to display a list of documents.
9
Copyright © 2016 McAfee, Inc. www.intelsecurity.com
Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/ registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others.
0-00
advertisement
Related manuals
advertisement