Security

Step through McAfee's Installation Designer for VirusScan 7

When you consider the time involved in installing the latest McAfee antivirus solution to a large number of servers and workstations, it makes sense to use installation software. Here are the steps to one solution that comes bundled with VirusScan 7.

This past spring, Network Associates Inc (NAI) released the much-anticipated upgrade to its McAfee antivirus software for Windows. Gone is Netshield for Windows as well as VirusScan 4.5. Both have been combined into a single product called VirusScan 7. The simplicity of being able to install one package for both servers and workstations is a real bonus. Functionally, I haven’t seen too much difference between the old and the new version, but I’m sure if you contact your local NAI rep, he’ll have plenty to say about the new product.

Assuming you’re planning on moving forward with VirusScan 7, what installation options are available? Basically there are three choices:
  • Manual: This essentially requires executing good old SETUP.EXE and answering all the prompts in order to install VirusScan 7. If you choose this method, there are approximately half a dozen user interface screens that require some form of input or response. It’s really quite tedious, and you can budget between five and 10 minutes to perform an installation. Time will vary based on the speed of the PC.
  • Semi-automatic: Semi-automatic involves the use of NAI’s Installation Designer 7.0 to create an installation package according to your corporate requirements, then using that package to deploy VirusScan 7 across your enterprise. This product will be the focus of this article.
  • Fully-automatic: By using NAI’s ePolicy Orchestrator (ePO), not only can you create customized packages, you can also push out the packages from a central location. In addition, you can monitor the status of which workstations have or don’t have the packages, as well as create and enforce policies related to update retrieval.

Benefits of using Installation Designer
Installation Designer is a well-thought-out, easy-to-use application for customizing the installation of VirusScan 7. The two biggest reasons for using Installation Designer rather that doing things manually are worth mentioning:
  • Consistency: The ability to customize virtually any setting of VirusScan ensures that you have a consistent installation across your enterprise—one that is not left to the whims of any particular system administrator or end user.
  • Speed: By answering all the prompts once, you can then deploy VirusScan via e-mail, login script, or an alternative deployment tool such as SMS or ZENworks. Not having to respond to half a dozen questions during each installation will save a significant amount of time and effort.

How Installation Designer works
Installation Designer is actually rather basic. It’s a GUI that reads the VirusScan installation source and creates a set of distribution files based on the configuration criteria you choose. The application is well laid out, with the menu items that you must step through identified on the left-hand pane, and the corresponding question(s) for each menu item clearly displayed in the center of the window.

Welcome
When launching Installation Designer 7, you’re given the option of either creating a new package or modifying an existing one. This is a rather obvious selection, but it does demonstrate that you don’t have to sit down and think through all of the installation options at once. In addition, if there’s a significant change to your corporate security policies, you can revisit your installation package to make the appropriate changes. Strangely, if you select modify versus create, your options for customization of an existing package are slightly limited. If create is chosen, you will have to walk through 20 menu items in order to fully customize the installation package. Modify only has 12 options. Unfortunately, some of the items you may wish to change are only available during the creation process. For this article, I’ll focus on the effort to create a new package.

Create
When creating a new VirusScan installation package, there a logical process to step through (See Table A). At each screen, you will have the ability to answer the questions, revert to the previous question, advance to the next question, or simply click Finish to complete the installation "as is" and return later to customize it further. For virtually any screen, if you want to accept the default configuration, simply click the Next button.

Note
If you encounter the following error message and you’re planning on using Alert Manager, ensure that you’ve downloaded the Alert Manager 4.7.0 and copied the AMG470.MSI file into an AGM folder below the VirusScan source folder: Could not copy the Alert Manager file S:\MCAFEE\VirusScan7.src\AMG\AMG470.msi. You may configure Alert Manager Server installation options on the Alert Manager Installation page.
Table A
Option Description
Source and Destination Specify source and destination folders for where the raw version of VirusScan is and where the custom package will reside.
Features A hierarchical list of features to enable/disable or show/hide. Similar to the Custom Installation Wizard for MS Office packaging.
Source for Configuration You can either import the settings from your local PC or specify an existing CAB file. The selection of an existing CAB file implies that a previous installation package exists.
Installation Options Here you decide to what folder VirusScan will be installed, if the installation will be silent, and whether to preserve existing VirusScan or NetShield configurations.
On-Access Scanner How the real-time scanner will behave and what actions will be taken if a virus is encountered.
On-Delivery Scanner How VirusScan will interact with e-mail files. If using a MAPI/IMAP messaging system, such as Exchange select the “Scanning of e-mail” option.
Schedule Scans Here you decide how frequently VirusScan will scan and which drive it will scan. Highlight a task and select Edit to ensure that the scan schedule frequency and start time is appropriate for your organization. The Advanced tab offers useful settings for maximum CPU utilization throttle.
AutoUpdate Schedule Shows how frequently VirusScan will look for updated signature files. McAfee Updates are typically released on Wednesday. I recommend setting the AutoUpdates to check weekly on a Friday morning. This will allow time for internal IT staff to ‘certify’ updates two days prior to general deployment.
Alter Manager Properties Explains which components will trigger alerts, what type of alerts will be generated, and who will be notified,
Alter Manager Installation Disabled by default.
User Interface Properties Show or hide the VirusScan icon in the System Tray. The option for password protecting the VirusScan settings prevents clients from tampering with the configuration. This option should only be used once you’ve configured and tested VirusScan successfully in your organization.
Add/Remove Options Allow clients to Uninstall or select the Modify option from the Control Panel. Optionally, you can even hide VirusScan from Add/Remove Programs. I recommend keeping the "Allow uninstall" option for troubleshooting purposes. Group Policy and/or login scripts can be used to ensure that the software is always installed.
DAT and Engine Files Optionally bundle updated signature or engine files. Stick with the original DAT and engine file. Incorporating the latest updates can be very time consuming
Patch Files Use to determine what optional service packs or hotfixes to include. If SPx is out, I recommend bundling it with the VirusScan installation.
AutoUpdate Configuration Important options for specifying AutoUpdate repository locations as well as source location priorities for update files. Having multiple repositories can be beneficial to ensure that workstations always remain current. I recommend these four:
  • Local path to a consistent server drive map throughout your organization
  • FTP to internal intranet site
  • NAI FTP (disable if port 21 is blocked on the corporate firewall)
  • NAI HTTP
Don’t use a UNC since ‘hardwiring’ a specific path is rather restrictive and inflexible should that path ever change.
Programs Optional additional programs that can run after a successful installation.
Additional Files Optional files that can be added to local PC following an installation. These can be completely unrelated to VirusScan.
Registry Settings Optional .REG file that can be included for customizing the Windows Registry. Can specify separate files for NT, 2000, or XP. A minor, but useful setting that’s not configurable via the Installation Designer is the elimination of the Splash Screen during VirusScan startup. The following REG file setting may be useful:[HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\TVD\VirusScan Enterprise\CurrentVersion]"bSkipSplash"=dword:00000001
Installation Designer Password Password protects the installation package. Recommended to prevent other system administrators from tampering with your work of art.
Upgrade License Option to upgrade an evaluation version to a registered version.
Post-Installation Options Use to force a reboot, start On-Demand Scanner, perform system scan, or update virus definition files.
Finish Saves your masterpiece.

Once your VirusScan package is complete, it can be installed in a variety of ways:
  • Login script
  • E-mail with a link to the setup program
  • Software distribution system such as SMS or ZENworks.

Time to deploy
For those planning on deploying VirusScan 7 who haven’t come up with the dollars for a full deployment of ePO v3.0, you owe it to yourself to take a good look at Installation Designer 7. It’s a highly configurable product and, given that it’s bundled with an enterprise license for VirusScan, what have you got to lose?
0 comments

Editor's Picks