McAfee System Compliance Profiler

[ReallyTallCupboards]

Hi,

Does anyone know when the System Compliance Profiler product is going to be fully released? We have been trying out the beta version & it looks like a very useful & promising tool when used in conjuction with EPO. Saying that, the EPO reporting side of SCP doesn't seem to function for us, but I guess I can forgive NAI due to the beta status.

thx
RTC

 

[addus5]

I heard that system compliance monitor will be released in the new version of EPO which is due by summer 2004.

 

[ReallyTallCupboards]

thanks addus5
i guess i'll have to sit & wait :-(
if anyone else has heard different, please post...

 

[ReallyTallCupboards]

I've just noticed that NAI have updated the beta pages for System Compliance Profiler:

Beta Program Schedule
Beta II - Current
Final Release - Mid February

So that's good news.

 

[ReallyTallCupboards]

hoorah! version 1.0 of Mcafee SCP has now been released & is available for download from nai.com. just in case you wanted to know...

 

[murphyg]

Any ideas what will be in the new version Of EPO?


Gary

 

[SlurpeeGuy]

Anybody running this? I can deploy and install SW but, no reports?

 

[SlurpeeGuy]

Well, It appears to be the patch_reports.nap that is causing the problem...will need to call support on this.

 

[SlurpeeGuy]

Nevermind you have to log in ePO reports with ePO authentication first for the reports to show up....doh...

 

[ant531]

I've deployed the System Compliance Profiler agent to our servers and setup a task to scan for an MS Patch using the KBXXXXXX option. I've also tried to use the Reg Key option with no luck.

The task that I deploy does run successfully, but when I go to run a report all I get is a report telling me that the "Computers not yet scanned with the current policy".

Has anyone ran into this issue?

 

[SlurpeeGuy]

Same thing for me...although it show that my test PC are non compliant which is a false positive. Anybody having luck with this?

 

[ant531]

I'm getting "Unknown scan results

 

[murphyg]

AnyBody had any luck with this, I gt the same as ant531,

Any thoughts

 

[SamT]

Same problem for me too. If someone gets a solution, make sure you post it here.

 

[P3dr0]

I have the same problem

I find that in the readme.txt know issues.

2. In some cases, running a Product Protection
Summary report (on ePolicy Orchestrator version
3.0.0) produces a report that suggests that no
computers have System Compliance Profiler
installed. This data may be incorrect.

To resolve this issue, upgrade to the latest
version of ePolicy Orchestrator.



I have tried System Compliance on a test server with ePo 3.0.2, and it's work fine, but on our Working Server, with ePo 3.0.1 it doesn't work.
But after seeing the problems with the new service pack, i prefer not install it. So i think we must just wait a new service pack.

 

[SamT]

I guess that means ePO 3.02 (or SP2), which has been pulled from release because of "problems".

 

[ReallyTallCupboards]

ok, here goes: I have deployed SCP 1.0 to 25 pilot PCs & servers. The EPO deployment task was managed to deploy successfully on 60% of machines (there was no obvious rhyme or reason to this deployment success rate). I hit the remaining 40% by running the exe installer manually locally on those machines.

I set up some test rules (based on the supplied "security patch templates" quoting MS KB###### article nos) to scan for recent MS critical patches. I also threw in a couple of rules that scanned for kazaa.exe, just for good measure.

I've had the above setup running for a couple of weeks now & had results back every day for 4 days (I set up a daily SCP scan task to run on all SCP installed machines at 13:30). However, the report "historical summary report dist by severity" stopped being populated with results on the 18th & nothing else has appeared since. I have checked that the scan task is still active (it is) & that SCP is still running on the target machines (it is).

I was wondering if anyone else has experienced this?

BTW, I was in a with NA the other day & apparenly there's an SCP 1.1 on the horizon. Also, NA are keen for us admins to report any wishlist-type stuff for future SCP releases to them (such as the ability to run patches, not just report on them). Channel any such requests thru your NA account manager.

 

[ReallyTallCupboards]

sorry, I went all butter fingered with that last paragraph; here's what it should say ;-)

BTW, I was in a meeting with NAI the other day. Apparently SCP 1.1 is on the horizon. Also, NAI are keen for administrators to submit wishlists stuff for future SCP releases to them. I mentioned that it would be helpful for SCP to have the ability to run patches, not just report on them. Channel any such requests thru your NA account manager, not thru NAI support.