4
The tool expires so that customers are forced to update the EPR tool once a quarter to ensure the customer is running
with the latest EPR Tool service level that picks up new bug fixes or new functionality that the customer should be using.
• Endpoint Upgrade Automation will not execute on an endpoint on which the EPR tool has been executed until that
endpoint has been rebooted
• It is not recommended to remove McAfee Agent if there will be any other products remaining on the endpoint after it is
removed (applies to both products supported and not supported by the EPR tool)
• If running from the command line, it is recommended to use the command line parameters for each individual product
to be removed, instead of using the –ALL parameter.
• EPR may determine that McAfee Drive Encryption (MDE), McAfee Native Encryption (MNE) cannot be safely removed. In
this scenario, MA will also not be removed, as this could affect the operation of MDE or MNE.
o MDE will not be removed if it is active
o MNE will not be removed if Network Unlock is enabled
o In some versions of MNE, the flag stating that the product is safe to remove is incorrectly set, which leads to
EPR unexpectedly not removing the product. In this case, refer to the command line parameter descriptions
below for --BRUTEFORCE=REMOVE_ACTIVE_MNE.
• EPR may determine that McAfee Application and Change Control is active, in which case it will not be removed
• EPR does not operate in the presence of the following products:
o VSE for Storage
o VSE for SAP
o OVI
o Deep Defender
o HIPS 7
o VSE 8.5
The default and strongly recommended action is to reboot the endpoint after removing any products.
When the EPR tool removes products, it attempts to delete all files and registry keys associated with each
product. For most products, there will be some files that cannot be deleted immediately, such as driver
files that are loaded by the OS. When this happens, the EPR tool will mark the files for deletion on reboot
instead.
If the machine is not rebooted, the following scenario can occur:
• A product that was removed by EPR is re-installed
• The product works as expected
• At some point, the machine is rebooted
• The files marked for deletion by the EPR tool are deleted
• The product stops functioning
Best Practices
The EPR tool is designed to remediate endpoint that have a specific issue that cannot be fixed via the normal support channels.
It should be used as a last resort and only after the issues have been properly analyzed and the details have been provided to
the appropriate point product team via support.
It is not designed to be used as an ENS migration tool. If you are doing ENS migrations, you should use the Endpoint Upgrade
Assistant for this purpose. If you’re planning to use Endpoint Upgrade Automation, it will not execute on an endpoint on which
EPR tool has been executed until that endpoint has been rebooted.
The following are requirements and best practices for ensuring a successful EPR run: