Install McAfee ENS on Linux – Standalone

Install McAfee ENS on Linux

How to Install McAfee ENS on Linux systems? This guide help to achieve the same. For demonstration here used Ubuntu 18.04 OS and McAfee ENS version 10.6.9. But the commands given here best suit for all McAfee supported Linux version. Please see KB91326 for ENS supported Linux platforms.

Note: This post Intended for ePO server and client environment. Also the one who needs to do Install standalone packages manually rather then pushing from ePO.

Prerequisite: McAfee agent should have been Installed. Looking for guide, refer how-to-install-mcafee-agent-on-linux

Steps to Install McAfee ENS on Linux

  1. Download Installers from McAfee Products page. There is separate Installer for each ENS modules. Therefore here will see how to Install McAfee ENS ThreatPrevention(TP) and Firewall (FW) of version 10.6.9
   - McAfeeTP-10.6.9-121-Release-standalone.tar.gz 
   - McAfeeFW-10.6.9-121-Release-standalone.tar.gz
  1. Copy the downloaded package to temp path
bash#> mkdir /tmp/ens-install
bash#> cp McAfeeTP-10.6.9-121-Release-standalone.tar.gz /tmp/ens-install
bash#> cp McAfeeFW-10.6.9-121-Release-standalone.tar.gz /tmp/ens-install
bash#> cd /tmp/ens-install
  1. Firstly extract and Install McAfee ENS Threat Prevention (TP)
bash#> tar -xzf McAfeeTP-10.6.9-121-Release-standalone.tar.gz
bash#> sudo ./install-mfetp.sh silent
 <<wait for Installation to finish>>
--Sample output on successful Install--
Successfully installed McAfeeTP-10.6.9-121.deb

Schedule for Default DAT and Engine update task was successfully added
Successfully enabled GTI
Enabling OAS, please wait for some time
OAS was successfully enabled
Access Protection was specifically disabled during installation
McAfeeTP is ready for use now
  1. Then verify ENS TP Installation
bash#> sudo /opt/McAfee/ens/tp/bin/mfetpcli --version
--Sample output--
McAfee Endpoint Security for Linux Threat Prevention
Version : 10.6.9.121
License : Full
DAT Version : xxxxx
DAT Date : xx-xx-xxxx
Engine Version : xxxxxxx

Note: License will get updated when reported back to ePO

  1. Secondly Install McAfee ENS Firewall (FW)
bash#> tar -xzf McAfeeFW-10.6.9-121-Release-standalone.tar.gz
bash#> sudo ./install-mfefw.sh silent
<< wait for Installation to finish>>
--Sample output on successful Install--
Successfully installed McAfeeFW-10.6.6-105.deb

Enabling McAfee Firewall, please wait for some time
McAfee Firewall was successfully enabled
McAfeeFW is ready for use now

Note: Pass argumment “fwoff” along with Install command to get firewall Installed with turn off state. Though upon next policy enforcement firewall settings will be modified as configured in ePO policy.

bash#> sudo ./install-mfefw.sh silent fwoff
  1. Then verify ENS FW Installation
bash#> sudo /opt/McAfee/ens/fw/bin/mfefwcli --version
--Sample output--
Name: McAfee Endpoint Security for Linux Firewall
Version: 10.6.9.121
License: Full
  1. At last validate McAfee ENS FW and TP operational status
--List McAfee ENS services and related process--
bash#> systemctl status mfeespd mfetpd mfefwd
<<will output ENS platform/common, ThreatPrevention and Firewall service status>>

bash#> sudo ps -ef |grep -i mcafee |grep ens
root      9680     1  0 18:48 ?        00:00:00 /opt/McAfee/ens/esp/bin/mfeespd
root     10262     1  0 18:48 ?        00:00:02 /opt/McAfee/ens/tp/bin/mfetpd
root     10341 10262  4 18:49 ?        00:00:31 /opt/McAfee/ens/tp/bin/mfetpd
root     10342 10341  0 18:49 ?        00:00:00 /opt/McAfee/ens/tp/bin/mfetpd
root     10350 10341  0 18:49 ?        00:00:00 /opt/McAfee/ens/tp/bin/mfetpd

--Get ENS FW status--
bash#> sudo /opt/McAfee/ens/fw/bin/mfefwcli --fw status
--Sample output--
Status: Enabled
Mode: Regular
Retain Client Side Rules: Enabled
FTP Inspection: Enabled
Log Level: Info

--Get ENS TP AccessProtection status--
bash#> sudo /opt/McAfee/ens/tp/bin/mfetpcli --getapstatus

--Get ENS TP On-Access scanner status--
./mfetpcli --getoasconfig --summary

To conclude, here summarized quick way to Install McAfee ENS on Linux using simple commands along with useful verification steps. Hope this helps. If you found this post useful, post a smiley 🙂 on comments.

3 thoughts on “Install McAfee ENS on Linux – Standalone

  1. you sir make me smile, can you help me for remove the FW ?,
    i have situation that more than 10 linux server have been installed manually with ensTP and FW, and already installed the MA too,
    than suddenly we need to remove only the FW modules from 10 linux servers,
    i tried creating task for remove ens linux fw but still the result always failed,
    can you help me how to remove only the FW module, remove using epo and or using manually,
    😀

    1. Hello There, you may use McAfee firewall uninstall script itself. Try this command.
      $ sudo /opt/McAfee/ens/fw/scripts/uninstall-mfefw.sh

      Hope it helps !! Keep smiling 🙂

Leave a Reply

Your email address will not be published. Required fields are marked *