This past spring, Network Associates Inc (NAI) released the much-anticipated upgrade to its McAfee antivirus software for Windows. Gone is Netshield for Windows as well as VirusScan 4.5. Both have been combined into a single product called VirusScan 7. The simplicity of being able to install one package for both servers and workstations is a real bonus. Functionally, I haven’t seen too much difference between the old and the new version, but I’m sure if you contact your local NAI rep, he’ll have plenty to say about the new product.
Assuming you’re planning on moving forward with VirusScan 7, what installation options are available? Basically there are three choices:
- Manual: This essentially requires executing good old SETUP.EXE and answering all the prompts in order to install VirusScan 7. If you choose this method, there are approximately half a dozen user interface screens that require some form of input or response. It’s really quite tedious, and you can budget between five and 10 minutes to perform an installation. Time will vary based on the speed of the PC.
- Semi-automatic: Semi-automatic involves the use of NAI’s Installation Designer 7.0 to create an installation package according to your corporate requirements, then using that package to deploy VirusScan 7 across your enterprise. This product will be the focus of this article.
- Fully-automatic: By using NAI’s ePolicy Orchestrator (ePO), not only can you create customized packages, you can also push out the packages from a central location. In addition, you can monitor the status of which workstations have or don’t have the packages, as well as create and enforce policies related to update retrieval.
Benefits of using Installation Designer
Installation Designer is a well-thought-out, easy-to-use application for customizing the installation of VirusScan 7. The two biggest reasons for using Installation Designer rather that doing things manually are worth mentioning:
- Consistency: The ability to customize virtually any setting of VirusScan ensures that you have a consistent installation across your enterprise—one that is not left to the whims of any particular system administrator or end user.
- Speed: By answering all the prompts once, you can then deploy VirusScan via e-mail, login script, or an alternative deployment tool such as SMS or ZENworks. Not having to respond to half a dozen questions during each installation will save a significant amount of time and effort.
How Installation Designer works
Installation Designer is actually rather basic. It’s a GUI that reads the VirusScan installation source and creates a set of distribution files based on the configuration criteria you choose. The application is well laid out, with the menu items that you must step through identified on the left-hand pane, and the corresponding question(s) for each menu item clearly displayed in the center of the window.
When launching Installation Designer 7, you’re given the option of either creating a new package or modifying an existing one. This is a rather obvious selection, but it does demonstrate that you don’t have to sit down and think through all of the installation options at once. In addition, if there’s a significant change to your corporate security policies, you can revisit your installation package to make the appropriate changes. Strangely, if you select modify versus create, your options for customization of an existing package are slightly limited. If create is chosen, you will have to walk through 20 menu items in order to fully customize the installation package. Modify only has 12 options. Unfortunately, some of the items you may wish to change are only available during the creation process. For this article, I’ll focus on the effort to create a new package.
When creating a new VirusScan installation package, there a logical process to step through (See Table A). At each screen, you will have the ability to answer the questions, revert to the previous question, advance to the next question, or simply click Finish to complete the installation "as is" and return later to customize it further. For virtually any screen, if you want to accept the default configuration, simply click the Next button.
If you encounter the following error message and you’re planning on using Alert Manager, ensure that you’ve downloaded the Alert Manager 4.7.0 and copied the AMG470.MSI file into an AGM folder below the VirusScan source folder: Could not copy the Alert Manager file S:\MCAFEE\VirusScan7.src\AMG\AMG470.msi. You may configure Alert Manager Server installation options on the Alert Manager Installation page.
Once your VirusScan package is complete, it can be installed in a variety of ways:
- Login script
- E-mail with a link to the setup program
- Software distribution system such as SMS or ZENworks.
Time to deploy
For those planning on deploying VirusScan 7 who haven’t come up with the dollars for a full deployment of ePO v3.0, you owe it to yourself to take a good look at Installation Designer 7. It’s a highly configurable product and, given that it’s bundled with an enterprise license for VirusScan, what have you got to lose?