How to Install McAfee ENS on Linux systems? This guide help to achieve the same. For demonstration here used Ubuntu 18.04 OS and McAfee ENS version 10.6.9. But the commands given here best suit for all McAfee supported Linux version. Please see KB91326 for ENS supported Linux platforms.
Note: This post Intended for ePO server and client environment. Also the one who needs to do Install standalone packages manually rather then pushing from ePO.
Prerequisite: McAfee agent should have been Installed. Looking for guide, refer how-to-install-mcafee-agent-on-linux
Steps to Install McAfee ENS on Linux
- Download Installers from McAfee Products page. There is separate Installer for each ENS modules. Therefore here will see how to Install McAfee ENS ThreatPrevention(TP) and Firewall (FW) of version 10.6.9
- McAfeeTP-10.6.9-121-Release-standalone.tar.gz
- McAfeeFW-10.6.9-121-Release-standalone.tar.gz
- Copy the downloaded package to temp path
bash#> mkdir /tmp/ens-install
bash#> cp McAfeeTP-10.6.9-121-Release-standalone.tar.gz /tmp/ens-install
bash#> cp McAfeeFW-10.6.9-121-Release-standalone.tar.gz /tmp/ens-install
bash#> cd /tmp/ens-install
- Firstly extract and Install McAfee ENS Threat Prevention (TP)
bash#> tar -xzf McAfeeTP-10.6.9-121-Release-standalone.tar.gz
bash#> sudo ./install-mfetp.sh silent
<<wait for Installation to finish>>
--Sample output on successful Install--
Successfully installed McAfeeTP-10.6.9-121.deb
Schedule for Default DAT and Engine update task was successfully added
Successfully enabled GTI
Enabling OAS, please wait for some time
OAS was successfully enabled
Access Protection was specifically disabled during installation
McAfeeTP is ready for use now
- Then verify ENS TP Installation
bash#> sudo /opt/McAfee/ens/tp/bin/mfetpcli --version
--Sample output--
McAfee Endpoint Security for Linux Threat Prevention
Version : 10.6.9.121
License : Full
DAT Version : xxxxx
DAT Date : xx-xx-xxxx
Engine Version : xxxxxxx
Note: License will get updated when reported back to ePO
- Secondly Install McAfee ENS Firewall (FW)
bash#> tar -xzf McAfeeFW-10.6.9-121-Release-standalone.tar.gz
bash#> sudo ./install-mfefw.sh silent
<< wait for Installation to finish>>
--Sample output on successful Install--
Successfully installed McAfeeFW-10.6.6-105.deb
Enabling McAfee Firewall, please wait for some time
McAfee Firewall was successfully enabled
McAfeeFW is ready for use now
Note: Pass argumment “fwoff” along with Install command to get firewall Installed with turn off state. Though upon next policy enforcement firewall settings will be modified as configured in ePO policy.
bash#> sudo ./install-mfefw.sh silent fwoff
- Then verify ENS FW Installation
bash#> sudo /opt/McAfee/ens/fw/bin/mfefwcli --version
--Sample output--
Name: McAfee Endpoint Security for Linux Firewall
Version: 10.6.9.121
License: Full
- At last validate McAfee ENS FW and TP operational status
--List McAfee ENS services and related process--
bash#> systemctl status mfeespd mfetpd mfefwd
<<will output ENS platform/common, ThreatPrevention and Firewall service status>>
bash#> sudo ps -ef |grep -i mcafee |grep ens
root 9680 1 0 18:48 ? 00:00:00 /opt/McAfee/ens/esp/bin/mfeespd
root 10262 1 0 18:48 ? 00:00:02 /opt/McAfee/ens/tp/bin/mfetpd
root 10341 10262 4 18:49 ? 00:00:31 /opt/McAfee/ens/tp/bin/mfetpd
root 10342 10341 0 18:49 ? 00:00:00 /opt/McAfee/ens/tp/bin/mfetpd
root 10350 10341 0 18:49 ? 00:00:00 /opt/McAfee/ens/tp/bin/mfetpd
--Get ENS FW status--
bash#> sudo /opt/McAfee/ens/fw/bin/mfefwcli --fw status
--Sample output--
Status: Enabled
Mode: Regular
Retain Client Side Rules: Enabled
FTP Inspection: Enabled
Log Level: Info
--Get ENS TP AccessProtection status--
bash#> sudo /opt/McAfee/ens/tp/bin/mfetpcli --getapstatus
--Get ENS TP On-Access scanner status--
./mfetpcli --getoasconfig --summary
To conclude, here summarized quick way to Install McAfee ENS on Linux using simple commands along with useful verification steps. Hope this helps. If you found this post useful, post a smiley 🙂 on comments.
you sir make me smile, can you help me for remove the FW ?,
i have situation that more than 10 linux server have been installed manually with ensTP and FW, and already installed the MA too,
than suddenly we need to remove only the FW modules from 10 linux servers,
i tried creating task for remove ens linux fw but still the result always failed,
can you help me how to remove only the FW module, remove using epo and or using manually,
😀
Hello There, you may use McAfee firewall uninstall script itself. Try this command.
$ sudo /opt/McAfee/ens/fw/scripts/uninstall-mfefw.sh
Hope it helps !! Keep smiling 🙂
Hello,
I have standalone version, how can I install the licence?
Thanks!