Security, Mcafee, Removing McAfee Applications and Breaking ePO Connection from Managed Endpoints
Describes how to break the connection between the McAfee ePO management connection and remove most McAfee products (such as antivirus).
McAfee products can be managed remotely via the University ePO. In order to completely uninstall McAfee products, an IT Pro will need to break this connection and uninstall these programs.
The following steps describe how to do this task. These steps will need to be repeated once per McAfee product, in order to completely remove the undesired McAfee software.
- Log in to ePO by visiting https://epo.cites.illinois.edu:8443/ and select the "System Tree" icon at the top of the page.
- In the left pane, drill down to your OU (My Organization→ad.uillinois.edu→and so on) and select the OU to which you wish to apply a policy.
- At this point the process changes slightly depending on what you're trying to do:
- Antivirus: If you want to uninstall McAfee VirusScan, select "McAfee agent" or the product for which you wish to break inheritance in the "Product" popup.
- Other McAfee products: If you want to uninstall other McAfee products, select the policy named after the product for which you would like to break inheritance in the "Product" popup.
- Underneath the "Actions" column select the "Edit Assignment" link and a new panel will appear.
- In the new panel, set the policy assignment to "Break inheritance and assign the policy settings below" as illustrated and select "Save" at the bottom-right. The screenshot below shows the most common task, removing McAfee antivirus.
- Don’t try to break inheritance and/or uninstall multiple products simultaneously. This means you will have to run through these steps multiple times but you’ll be notified of each product removal as you go.
How to tell you've broken an endpoint's connection to McAfee management
After the ePO no longer sees McAfee products installed on the endpoint, you can confirm this in one of two ways:
- By going to the endpoint's entry in the list of available endpoints in the target OU and picking "System properties" which brings up a table of properties describing that endpoint. In the "Installed products" row you will see there are no products listed.
- The "Products" tab also shows an empty list of products. This will provide positive confirmation that you’ve successfully removed McAfee products.