Mcafee Application Control 8.0.0 Installation Guide

McAfee Application Control 8.0.
0
Installation Guide (Unmanaged)
Contents
Preface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
About this guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Audience. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Find product documentation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Installing the software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Prerequisites. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Procure the installer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Install in Interactive mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Install on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Install in Silent mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Install on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Install on the Linux platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Verify the installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Verify on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Verify on the Linux platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Upgrading the software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Before you begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Upgrade in Interactive mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Upgrade on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Upgrade in Silent mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Upgrade on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Upgrade on the Linux platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Verify the upgrade. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Uninstalling the software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Uninstall in Interactive mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Uninstall on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Uninstall in Silent mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Uninstall on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Uninstall on the Linux platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Create builds for unsupported Linux kernels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Frequently asked questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

1| Preface
Preface
This guide provides the information you need to work with your McAfee product.
About this guide

This information describes the guide's target audience, the typographical conventions and icons used in this guide, and how the
guide is organized.
Audience
McAfee documentation is carefully researched and written for the target audience.
The information in this guide is intended primarily for:
• Administrators — People who implement and enforce the company's security program.
Conventions
This guide uses these typographical conventions and icons.
Italic Title of a book, chapter, or topic; a new term;

emphasis
Bold Text that is emphasized
Monospace Commands and other text that the user types; a

code sample; a displayed message
Narrow Bold Words from the product interface like options,

menus, buttons, and dialog boxes
Hypertext blue A link to a topic or to an external website
Note: Extra information to emphasize a point,

remind the reader of something, or provide an
alternative method
Tip: Best practice information
4 McAfee Application Control 8.0.0 Installation Guide (Unmanaged)

1| Preface
Caution: Important advice to protect your computer

system, software installation, network, business, or
data
Warning: Critical advice to prevent bodily harm

when using a hardware product
Find product documentation

On the ServicePortal, you can find information about a released product, including product documentation, technical articles,
and more.
Task
1. Go to the ServicePortal at https://support.mcafee.com and click the Knowledge Center tab.
2. In the Knowledge Base pane under Content Source, click Product Documentation.
3. Select a product and version, then click Search to display a list of documents.
McAfee Application Control 8.0.0 Installation Guide (Unmanaged) 5

2| Installing the software
Installing the software

Install Change Control or Application Control in the standalone configuration on Windows and Linux platforms.
For all supported platforms, the software works on physical and virtual machines (VM). You can install the software in one of
these modes.
• Interactive mode — An installation wizard guides you through the several steps required to configure and install the
software.
• Silent mode — Installation is non-interactive installation with no progress bar or displayed messages. Recommended for
medium- and large-scale deployments.
Prerequisites
Before installing Change Control or Application Control, review these guidelines and make sure that your environment
conforms to these requirements.
• Verify that the system does not have an existing installation. Installation might fail if another instance of the software is
already installed and is in Enabled mode.
If upgrade is supported from the installed version (verify by reviewing release notes and KB73341), see Upgrading
the software.
If upgrade is not supported from the installed version, uninstall the existing version before installing the new
version.
• Download the license key from the McAfee Downloads site. Keep it handy before starting installation.
• Review the minimum system requirements, supported operating systems, and supported file systems for Change
Control and Application Control (see KB73341).
• Make sure that the target platform where you want to install the software is supported. See KB76459 (for Change
Control) and KB73341 (for Application Control).
• Review the release notes to acquaint yourself with the known issues and identify dependencies.
• Review these platform-specific requirements.
Platform Requirements
Windows Make sure that the product is not installed in

the <SYSTEM_VOLUME>\Solidcore directory or
its subdirectories.
Make sure that the product is installed on a
system drive.
If you have other file-security programs (anti-
virus programs or file-encryption programs)
installed and running on your system, create a

Platform Requirements
registry key named DfsIrpStackSize under

HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro
lSet\Services\Mup\Parameters and set its
decimal value to 10. If this registry key already
exists, make sure that its decimal value is set to
10.
Linux Review KB82066 for information about the

supported kernels for the Linux operating
system. If the target kernel is not mentioned in
this article, there are two ways to get support:
Compile the kernel module in your test

environment and manually deploy to
production endpoints. For more information,
see Create builds for unsupported Linux kernels.
Request for kernel support through the McAfee
Accept portal by filing a Product Enhancement
Request (PER). For information about how to
submit a PER, see KB60021.
Procure the installer

The Solidcore client is the software component that provides change monitoring, change prevention, and whitelisting features on
the systems where it is installed. Download the Solidcore client package before installing the Solicore client.
Task
1. Download the package from the McAfee downloads site.
The available Solidcore client packages are:
Windows SOLIDCOR<version>-<build>_WIN.zip
Linux SOLIDCOR<version>-<build>_LNX.zip

Note: In the file name, <version> and <build> represent the version and build number associated
with the product. For example, the SOLIDCOR614-211_LNX.zip file includes the Solidcore client
(version 6.1.4 and build number 211) for the Linux platform.
2. Save the package file to an accessible location.

3. Open the package file for the required operating system.
The Solidcore client package file includes the installers for all operating systems.
4. Extract the required installer.
For the Windows operating system, different installers are available based on the target architecture and distribution. Each
installer file name uses the setup-win-<os>-<arch>-<rel>.<build>.exe syntax. In the syntax:
<arch>
• x86 for 32-bit architecture
• amd64 for AMD 64-bit architecture
<os> Indicates the operating system to which the

installer applies
Install in Interactive mode

In Interactive mode, the installer starts a wizard that guides you through the installation. Using Interactive mode you can install
the software on Windows platform. Interactive mode is unavailable for the Linux platform.
Install on the Windows platform
Install the software in Interactive mode on a Windows system.
Task
1. Log on to the system with administrator rights.
2. Navigate to the directory containing the installer file. Start the installer.
• For Windows 2008, Windows 2008 R2, Windows 7 (with UAC enabled), Windows 8.1, Windows 2012, or Windows 10,
right-click the installer file in Windows Explorer and select Run as administrator.
• For other Windows platforms, double-click the installer file in Windows Explorer.
3. On the Welcome page, click Next to display the License Agreement page.
4. Accept the terms of the license agreement, then click Next to display the Customer Information page.
Enter the user and company information.
5. Enter the license key in the Serial Number field or select Install without license key.
6. Click Next to open the Destination Folder page.

7. Specify the installation folder.

By default, the software files are placed in the <system drive>:\Program Files\McAfee\Solidcore folder.
8. (Optional) Click Browse to specify a batch file (containing commands) or an executable file to use for post-installation
configuration.
The specified file is started automatically after the software is installed on the system.
9. In the Ready to Install the Program page, click Install to begin the installation.
10. Click Finish to complete the installation.
Install in Silent mode

To perform a silent installation, use the provided command-line options to suppress all interaction and provide parameters for all
options.
When you perform a silent installation, no messages are displayed. Instead, a log file captures installation information, including
whether the installation was successful. You can review the log file and determine the installation results. Using Silent mode, you
can install the software on Windows and Linux platforms.
Install on the Windows platform
Install the software in Silent mode on a Windows system.
Task
2. Verify that the required installer is available.
3. Open a command window and run one of these commands.
<installer-file> /s /v" /qn SERIALNUMBER=xxxx-xxxx-xxxx-xxxx-xxxx"
<installer-file> /s /v" /qn UNLICVER=1"
Notice the double quotes (") after /v and space between /s and /v. There is no space between /v and double quotes ("). Here
is description of all possible arguments for the command. In addition to the SERIALNUMBER or UNLICVER arguments, you can
optionally specify one or more of these arguments with the command.
Argument Description
SERIALNUMBER Specify the license key for the installation.

<installer-file> /s /v" /qn SERIALNUMBER=xxxx-xxxx-
xxxx-xxxx-xxxx"
UNLICVER Install the software without specifying the license

key. Possible values for this argument are 0 and
1. A value of 1 indicates that you are installing the
software without using the license key.

SHORTCUT Create a desktop shortcut to access the

command-line tool. Possible values for this
argument are 0 and 1. Specify a value of 1 to
create the shortcut and 0 to skip the shortcut
creation.
<installer-file> /s /v" /qn UNLICVER=1 SHORTCUT=1"
POSTINSTALL Specify a file to perform post-installation

configuration on the system. To specify file paths
that contain spaces, enclose the paths in double
quotes (").
<installer-file> /s /v" /qn UNLICVER=1
POSTINSTALL=\"C:\\My Dir\\batch.exe\""
INSTALLDIR Install the software at a user-specified location.

With this argument, you can specify a folder
path of up to 240 characters (total string length
including special characters).
xxxx-xxxx-xxxx INSTALLDIR=\"C:\\My Dir\\McAfee\
\Solidcore\""
/l+*v Change the default location of the

Solidcore_Installer.log file. By default, this file is
placed in the SYSTEMROOT directory.
<installer-file> /s /v" /qn UNLICVER=1 /l+*v \"C:\
\Solidcore_Installer.log\""
Install on the Linux platform
Install the software in Silent mode on a Linux system.
Before you begin

Before installing on the Linux operating system, review KB82066 for information about the supported kernels. We add support
for new kernels through kernel release cycles. We recommend that you review the kernel list before installing. If the target kernel
is not mentioned in this article, there are two ways to get support:

• Compile the kernel module in your test environment and manually deploy to production endpoints. For more
information, see Create builds for unsupported Linux kernels.
• Request kernel support through the McAfee Accept portal by filing a Product Enhancement Request (PER). For
information about how to submit a PER, see KB60021.
Task
2. Open a terminal and navigate to the directory containing the installer file.
3. Extract the contents of the Solidcore client package file.
4. Run the mapkg_install script file.
./mapkg_install.sh
The installation script performs installation-related tasks. By default, the software is installed in the /usr/local/mcafee/
solidcore directory.
5. Review the log file. See Verify the installation.
Verify the installation

Verify that the software was installed successfully.
Verify on the Windows platform
Verify that the software was installed successfully on the Windows platform.
For details about product features, usage, and best practices, click ? or Help.
Task
Make sure that these components exist:
• An entry for McAfee Solidifier is added to the Programs menu.

• The swin.sys file is added to the %SystemRoot%\Windows\System32\drivers location.
• The McAfee Solidifier Service is added under Windows services.
• Product-specific registry settings are created:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swin
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\scsrvc
• Additional files are placed in the installation directory. These files are internal to the product and should not be modified.
• Solidcore_Installer.log and solidcore_setup.log files are created under %SYSTEMROOT%. You can view the log file
contents to verify if errors occurred during the installation.
Verify on the Linux platform
Verify that the software was installed successfully on the Linux platform.
For details about product features, usage, and best practices, click ? or Help.
Task
1. Review the log file.

• If the installation succeeds, the solidcoreS3_install_<rel>-<build>.log file is created in the /var/log/mcafee/

solidcore directory.
• If the installation fails, the solidcoreS3_install.log file is present in the /tmp directory. For error details, review the
most-recent bitrock_installer.log or bitrock_installer_<PID>.log file in the /tmp directory. To further investigate
installation failures, contact McAfee Support (https://mysupport.mcafee.com/ with the log file.
2. Verify that the Solidcore product is reported in the package database of the system.
Linux (all distributions) # rpm -q solidcoreS3 solidcoreS3-kmod

These messages are displayed.
solidcoreS3-<rel>-<build>
solidcoreS3-kmod-<rel>-<build>
Linux (Ubuntu) dpkg -l solidcores3 solidcores3-kmod

solidcores3 <rel>-<build>
The McAfee Solidifier provides a
comprehensive control solution for
enterprise server systems.
solidcores3-kmod <rel>-<build>
This package provides the kernel
component of McAfee Solidifier for
Linux.
3. Verify that the solidcore.conf file is created in the /etc directory during installation.
# ls -ls /etc/mcafee/solidcore/solidcore.conf
4. Make sure that the software service (scsrvc) is added to the system.
Linux —# ls -ls /etc/init.d/scsrvc
5. Verify that the software service (scsrvc) is running.
# ps -ef | grep scsrvc
The output of this command should show at least two scsrvc processes running from the installation location.
6. Make sure that the product files are placed in the installation directory.
# ls -ls <install-dir>

3| Upgrading the software
Upgrading the software

Upgrade Change Control or Application Control in the standalone configuration.
You can upgrade the software in one of these modes.
• Interactive mode — An installation wizard guides you through the several steps required to upgrade the software.
• Silent mode — Upgrade is non-interactive with no progress bar or displayed messages. Instead, a log file captures
information, including whether the upgrade was successful. You can review the log file and determine the results of the
upgrade. Recommended for medium- and large-scale deployments.
Before you begin

Before upgrading Change Control or Application Control, review these guidelines and make sure that your environment
conforms to the requirements.
• Upgrade is possible only at the existing installation location. Upgrading to an alternate path is not supported.
• Upgrade is supported in Update, Enabled, and Disabled modes.
You can upgrade the software in Enabled mode on all supported Windows platforms. If you are using a software
distribution tool to upgrade in Enabled mode, assign updater privileges to all relevant binary files of the software
distribution tool. To assign updater privileges to a file, use this command. updaters add <binary file>
If you upgrade in Disabled mode, make sure that you re-create the whitelist for the system when using the
Application Control software. Also, for the Windows platform, restart the system after you upgrade the software.
Note
Application Control also supports the Observe mode. But, this mode is unavailable in the standalone configuration
and is available only when McAfee® ePolicy Orchestrator® (McAfee® ePO™) manages the system.
• The default rule list (as available in a fresh installation) is not imported on upgrade. All existing monitoring, filter,
read-protect, and write-protect rules applied before upgrade remain intact.
• Review the release notes to acquaint yourself with the known issues and identify dependencies you must consider.
• Review KB82066 for information about the supported kernels for the Linux operating system. If the target kernel is not
mentioned in this article, there are two ways to get support:
Compile the kernel module in your test environment and manually deploy to production endpoints. For more
Request for kernel support through the McAfee Accept portal by filing a Product Enhancement Request (PER). For
Upgrade in Interactive mode

Using Interactive mode you can upgrade the software on Windows platform.

Upgrade on the Windows platform
Upgrade the software in Interactive mode on a Windows system.
Task
2. Navigate to the directory containing the installer file.
3. Switch to Update mode.
> sadmin begin-update
Note
If your system is currently in Enabled or Disabled mode, you can upgrade in the current mode. In Enabled mode, you
can upgrade the software on all supported Windows platforms. Before using a software distribution tool to upgrade in
Enabled mode, assign updater privileges to all relevant binary files of the tool. To assign updater privileges to a file, use
the updaters add <binary file> command.
4. Start the installer.
• For Windows 2008, Windows 2008 R2, Windows 7 (with UAC enabled), Windows 8.1 or Windows 2012, right-click the
installer file in Windows Explorer and select Run as administrator.
• For other Windows platforms, double-click the installer file in Windows Explorer. A message prompts you to
confirm if you want to upgrade the software. Click Yes to proceed.
5. Click Next to begin the upgrade.

6. When the Update Complete page appears, click Finish.
7. When prompted to restart the system, click Yes.
8. Exit Update mode.
> sadmin end-update
This step places the system in Enabled mode.
Upgrade in Silent mode

To perform a silent upgrade, use the command-line options to suppress interaction and provide parameters for all options. Using
Silent mode you can upgrade the software on Windows and Linux platforms.
Upgrade on the Windows platform
Upgrade the software in Silent mode on a Windows system.
If your system is currently in Enabled or Disabled mode, you can upgrade in the current mode. In Enabled mode, you can
upgrade the software on all supported Windows platforms. Before using a software distribution tool to upgrade in Enabled
mode, assign updater privileges to all relevant binary files of the tool. To assign updater privileges to a file, use the updaters add
<binary file> command.

Task
2. Verify that the required installer is available.
3. Open a command window and switch to Update mode.
> sadmin begin-update
4. Run one of these commands.
<installer-file> /s /v" /qn SERIALNUMBER=xxxx-xxxx-xxxx-xxxx-xxxx"
Notice the double quotes (") after /v and space between /s and /v. There is no space between /v and double quotes ("). Here
is a description of all possible arguments for the command. In addition to the SERIALNUMBER or UNLICVER arguments, you
can optionally specify one or more of these arguments with the command.
SERIALNUMBER Specify the license key for the installation.

xxxx-xxxx-xxxx"
UNLICVER Install the software without specifying the license

key. Possible values for this argument are 0 and
1. A value of 1 indicates that you are installing the
software without using the license key.
SHORTCUT Create a desktop shortcut to access the

command-line tool. Possible values for this
argument are 0 and 1. Specify a value of 1 to
create the shortcut and 0 to skip the shortcut
creation.
<installer-file> /s /v" /qn UNLICVER=1 SHORTCUT=1"
POSTINSTALL Specify a file to perform post-installation

configuration on the system. To specify file paths
that contain spaces, enclose the paths in double
quotes (").
<installer-file> /s /v" /qn UNLICVER=1
POSTINSTALL=\"C:\\My Dir\\batch.exe\""

INSTALLDIR Install the software at a user-specified location.

With this argument, you can specify a folder
path of up to 240 characters (total string length
including special characters).
xxxx-xxxx-xxxx INSTALLDIR=\"C:\\My Dir\\McAfee\
\Solidcore\""
/l+*v Change the default location of the

Solidcore_Installer.log file. By default, this file is
placed in the SYSTEMROOT directory.
<installer-file> /s /v" /qn UNLICVER=1 /l+*v \"C:\
\Solidcore_Installer.log\""
5. Restart the system to complete the upgrade.

> sadmin end-update
Upgrade on the Linux platform
Upgrade the software in Silent mode on a Linux system.
Before you begin

Before upgrading on the Linux operating system, review KB82066 for information about the supported kernels. We add support
for new kernels through kernel release cycles. We recommend that you review the kernel list before upgrading. If the target
kernel is not mentioned in this article, there are two ways to get support:
• Compile the kernel module in your test environment and manually deploy to production endpoints. For more
• Request for kernel support through the McAfee Accept portal by filing a Product Enhancement Request (PER). For
Task
1. Log on to the system with administrator rights
2. Open a terminal and navigate to the directory containing the installer file.
3. Switch to Update mode.
# sadmin begin-update

Note
If your system is currently in Disabled mode, you can choose to upgrade in the current mode. If you are upgrading from
6.1.0 to a later release, restart the endpoint before upgrading.
4. Run the mapkg_install script file.

./mapkg_install.sh
The script file performs all upgrade-related tasks. For detailed information about the workflow, see Create builds for
unsupported Linux kernels.
5. Review the log file. See Verify the upgrade.
6. Restart the system to complete the upgrade.
# sadmin end-update
Verify the upgrade

Verify that the Change Control or Application Control software was upgraded successfully on the system.
Platform Steps
Verify on the Windows platform Run the sadmin version command to verify that the
correct version the software is listed.
Verify on the Linux platform

• Review the log file.
• If the upgrade succeeds, the

solidcoreS3_install_<rel>-<build>.log file is
created in the /var/log/mcafee/solidcore
directory.
• If the upgrade fails, the
solidcoreS3_install.log file is present in
the /tmp directory. For error details,
review the most-recent bitrock_installer.log
or bitrock_installer_<PID>.log file in
the /tmp directory. To further investigate
failures, contact McAfee Support (https://
mysupport.mcafee.com/) with the log file and
gatherinfo logs.
• Run this command to verify that the Solidcore

product is reported in the package database of
the system.
• For Linux (all distributions):

Platform Steps
# rpm -q solidcoreS3 solidcoreS3-kmod

solidcoreS3-<rel>-<build>
solidcoreS3-kmod-<rel>-<build>
• For Linux (Ubuntu):

dpkg -l solidcores3 solidcores3-kmod
solidcores3 <rel>-
<build> The McAfee Solidifier
provides a comprehensive control
solution for enterprise server
systems.
solidcores3-kmod <rel>-
<build> This package provides
the kernel component of McAfee
Solidifier for Linux.

4| Uninstalling the software
Uninstalling the software

Uninstall Change Control or Application Control.
Uninstall in Interactive mode

In Interactive mode, the installer starts a wizard that guides you through the uninstallation. Using Interactive mode you can
uninstall the software on Windows platform.
Uninstall on the Windows platform
Remove the software from a Windows system using Interactive mode.
Task
2. Switch to Disabled mode.
> sadmin disable
Note
Disabling the software requires a system reboot.
3. Start the installer.
• For Windows 7 and later, navigate to and open the Programs and Features window.
• For other Windows platforms, navigate to and open the Add or Remove Programs window.
4. Select McAfee Solidifier from the list of programs and click Remove.
A message prompts you to confirm if you want to remove the software.
5. Click Yes to proceed.
The software is removed from the system. During uninstallation, all software-related files are removed from the system. A
few files might remain on your system. Perform these steps to remove the remaining files:
• Empty Solidcore folder in the installation directory (typically, C:\Program Files\McAfee)

• Certificate folder if it contains any public certificates
If needed, you can manually delete these components.
Uninstall in Silent mode

To perform a silent uninstall, use the command-line options to suppress interaction and provide parameters for all options.
Using Silent mode you can uninstall the software on Windows and Linux platforms.

4| Uninstalling the software
Uninstall on the Windows platform
Remove the software from a Windows system using Silent mode.
Task
2. Open a command window and switch to Disabled mode.
> sadmin disable
Note
3. Run this command.

%SYSTEMROOT%\system32\msiexec.exe /X{432DB9E4-6388-432F-9ADB-61E8782F4593} /qn
Uninstall on the Linux platform
Remove the software from a Linux system using Silent mode.
Task
2. Open a terminal and switch to Disabled mode.
# sadmin disable
Note
3. Navigate to the installation directory.

By default, the software is installed in the /usr/local/mcafee/solidcore directory.
4. Run this command to uninstall the software.
# ./uninstall
5. (Optional) Verify uninstallation by reviewing the solidcoreS3_uninstall.log file in the /tmp directory.

5| Create builds for unsupported Linux kernels
Create builds for unsupported Linux kernels

Here is information about how to create builds for unsupported Linux kernels.
Application Control includes support for numerous kernels. This allows you to directly install the software on kernels listed in
KB82066. If you need to install on a kernel that is not listed in KB82066, you can perform one of these tasks:
• Create a build file for the target kernel (on a testbed) and manually deploy the build to other production endpoints.
• Submit an unsupported kernel request through support.
What are the possible deployment scenarios?
The installation workflow on the Linux operating system varies based on whether the target kernel is supported. Review KB82066
to verify whether support is available for the target kernel.
How do I install when the target kernel is supported?
Query Response
Has anything changed for me since the previous No. If the target kernel is supported, direct
release? installation occurs on the kernel.
Do I need to take care of any prerequisites? None.
How do I install? Perform the steps listed in Install on the Linux

platform.

How do I install when the target kernel is not supported?

Starting with the 6.1.0 release, we have included capability to create kernel modules for targets. You can create the needed build
on a testbed and manually deploy the kernel module to production endpoints running the same kernel.
Component Prerequisites How do I install?
Testbed Make sure that these tools are installed on the Make sure that the
testbed. Any non-conformance to the listed build testbed meets the
environment results in build and installation failures. prerequisites and then
follow the instructions
Build and packaging listed in Install on

• gmake (provided by
tools the Linux platform.
package make)
The needed build
• gcc (provided by
is placed in the
package gcc)
<install directory>/dks
• ld (provided by
directory and the
package binutils)
software is installed on
• ar (provided by
the testbed.
package binutils)
• rpmbuild (provided by
package rpm-build on
Red Hat and package
rpm on SUSE)
• cpio (provided by
package cpio)
Package versions
should be the same
as the versions that
are packaged with the
distribution ISO.
Kbuild framework Make sure that

framework is installed
under /lib/modules/
<kernelversion>/build/
(provided by package
kernel-source on SUSE
10, linux-headers on
Ubuntu distributions,
and package kernel-
devel on other
distributions).

Component Prerequisites How do I install?
Kernel source package If you are running a

3.5.x or later kernel,
make sure that you
download the kernel
source package and
place it in the /usr/src
directory.
Production endpoints Make sure that the

• No build or package tools are needed on
production endpoints. endpoints meet the
prerequisites and then
• Make sure that you create the /opt/solidcore
directory on each production endpoint. This follow the instructions
directory does not exist by default and must be listed in How do I
manually created. install on production

endpoints?.
Complete these steps to manually deploy a kernel module to production endpoints.
1. Create the /opt/solidcore directory on each production endpoint.

2. Fetch the created build from the <install directory>/dks directory of the testbed.
The file name includes kernel details. The naming convention followed for the builds is solidifier-kmod-<rel>-
<build>.<distro>.<kernel>.<arch>.<ext>. Here are details of the components in the file name:
• <distro> — the available distributions. LEL5 represents Red Hat Enterprise Linux 5, LEL6 represents Red Hat
Enterprise Linux 6, LSES10 represents SuSE Enterprise Linux 10, LSES11 represents SuSE Enterprise Linux 11, and
LUBT12 represents Ubuntu 12.
• <kernel> — the kernel for which the build was created.
• <arch> — i386 for 32-bit architecture and x86_64 for AMD 64-bit architecture.
• <ext> — .deb for Ubuntu and .rpm for other distributions.
Here is an example of a build created for the Red Hat Enterprise Linux 6 version: solidifier-
kmod-6.1.0-9321.LEL6.2.6.32-279.2.1.el6.i686.i386.rpm
3. Place the build in the /opt/solidcore directory of the endpoint. Contact your system administrator to distribute the created
build to production endpoints running the same kernel.
4. Follow the instructions listed in Install on the Linux platform.
Installation process
When you begin installation, the software executes the installation script that performs these checks and tasks.


6| Frequently asked questions
Frequently asked questions

Here are answers to frequently asked questions.
Can the same Solidcore client be used for Change Control and Application Control?
The license key determines the features available for use; any or all features can be used at a time. At any time, you can
add and enable a new stock-keeping unit (SKU) on a system where the Solidcore client is enabled. For example, if you are
currently using Change Control and want to add and use Application Control, complete these steps.
1. Disable the Solidcore client on the system.

2. Enter the license.
3. Enable the Solidcore client on the system.
Can the Solidcore client be deployed on a virtual machine?
The Solidcore client works on a virtual machine if the operating system installed on the virtual machine is supported by
the Solidcore client. For a list of the supported platforms, see KB76459 (for Change Control) and KB73341 (for Application
Control).
Can I use third-party software to distribute and deploy this software?
You can install, upgrade, or uninstall the Change Control and Application Control software using third-party tools, such as
Microsoft System Center Configuration Manager. For more information about software distribution, see the documentation
for your third-party tool.
While installing using the third-party tool, you must specify the commands to install the software. For more information
about the commands to use for installation, see Installing the software.
Before using the software distribution tool to upgrade the Change Control and Application Control software, assign
updater privileges to all relevant binary files of the tool. To assign updater privileges to a file, use this command.
updaters add <binary file>
I installed the Change Control and Application Control software in standalone configuration on the Windows platform. Can I
now use McAfee ePO to manage the system?
McAfee Agent installation Do this to use the system in

Is McAfee Agent installed? mode managed configuration
Yes — Installed before installing Managed No action required

Change Control or Application
Control


Yes — Installed before installing Unmanaged Connect McAfee Agent to the

Change Control or Application McAfee ePO server before
Control installing Change Control or
Application Control on the
system. You can then directly
use the system in managed
configuration.
Yes — Installed after installing Managed or Unmanaged

1. Type this command.
Change Control or Application
instaConfig.exe /connect
Control
Note: Make sure

the instaConfig.exe
file has updater
privileges.
McAfee Agent connects

with the Solidcore service
after the agent-server
communication interval
(ASCI) lapses. All McAfee
ePO-dependent features
are enabled at the
next policy enforcement
interval.
2. Reboot the system.
No Not applicable
1. Download the McAfee
Agent version that is
needed for your system.
See KB76459 (for Change
Control) and KB73341 (for
Application Control).
2. Install McAfee Agent in
Managed mode.
3. Type this command.
instaConfig.exe /connect


Note: Make sure

the instaConfig.exe
file has updater
privileges.
McAfee Agent connects

with the Solidcore service
after the agent-server
communication interval
(ASCI) lapses. All McAfee
ePO-dependent features
are enabled at the
next policy enforcement
interval.
4. Reboot the system.
I installed the Change Control and Application Control software in standalone configuration on the LINUX platform. Can I
now use McAfee ePO to manage the system?
For detailed information, review KB73661.
How can I manually remove the Solidcore client if there is an unclean uninstallation on a Windows system?
Perform these steps to clean the Windows system.
1. Switch to Disabled mode. > sadmin disable
Note
2. Disable McAfee VSE Access Protection, if installed.

3. Open a command window and run these commands: sc stop scsrvc sc delete scsrvc sc delete swin
4. Open Windows Explorer.
5. Delete these components:
• <system drive>:\Windows\System32\drivers\swin.sys or <system

drive>:\WINDOWS\system32\drivers\swin1.sys file
• All files in the <system drive>:\Solidcore directory
• <system drive>:\Program Files\McAfee\Solidcore directory

• <system drive>:\Documents and Settings\All Users\Start Menu\Programs\McAfee\Solidifier directory

6. Delete the {432DB9E4-6388-432F-9ADB-61E8782F4593} registry key. For detailed information, see 314481 article.
7. If the software is listed in the Add or Remove Programs list, navigate to HKEY_CLASSES_ROOT\Installer\Products key
and delete the entry corresponding for the software.
How can I manually remove the Solidcore client if there is an unclean uninstallation on a Linux system?
Run these commands to clean the Linux system.
# /etc/init.d/scsrvc stop
# chkconfig --del /etc/init.d/scsrvc
# rm -f /etc/init.d/scsrvc
# rpm -e solidcoreS3 --noscripts
# rpm -e solidcoreS3-kmod --noscripts
# rm -rf /opt/bitrock/solidcoreS3-*
# rm -rf /etc/mcafee
# rm -rf /var/log/mcafee
# rm -rf <install-dir>/mcafee/
# rm -f /usr/sbin/sadmin
When trying to install the software on the Windows platform using a non-administrative user account, I receive an error
message.
When you try to install the software by using a non-administrative user or standard user account under Administrators
group, this message appears:
Unable to save file C:\windows\Downloaded Installations\{D4BAC82D-A01B-47AC-AFC9-581EEBDD0F45}.
To successfully install the software, use an account with administrator rights. Or, if the user is a normal or standard user
account under the Administrators group, right-click the installer file in Windows Explorer and select Run as administrator.
How can I upgrade the kernel on my Linux system where Change Control or Application Control is installed?
1. Place Change Control or Application Control in Update mode. # sadmin begin-update

2. Install the new kernel.
3. Exit Update mode and place Change Control or Application Control in Enabled mode. # sadmin end-update
4. Review KB82066 to verify whether the target kernel is supported.
5. Perform one of these steps.
• If the target kernel is supported, boot with the new kernel to upgrade the software.
• If the target kernel is not supported, create a build on a testbed and then manually deploy created build to
production endpoints.
Make sure that the testbed meets the prerequisites. For detailed information, see Create builds for
unsupported Linux kernels.

Note
If the target kernel is not supported and you have filed a PER to get support, upgrade the software
before booting with the new kernel.
Perform one of these tasks:
If Change Control or Application Control was already installed on the testbed, boot with the
new kernel to upgrade the software.
If Change Control or Application Control is not installed on the testbed, install the software
on the testbed by following the instructions listed in Create builds for unsupported Linux
kernels.
Create the /opt/solidcore directory on the endpoint.

Fetch the created build from the <install directory>/dks directory of the testbed and place it in
the /opt/solidcore directory of the endpoint. Contact your system administrator to fetch the created
build to the endpoint.
Boot with the new kernel to upgrade the software. Regardless of the mode in which the Change
Control or Application Control is running, the software automatically detects the new kernel.
I installed Change Control or Application Control on kernel 2.6.32–279.EL6.x86_64. Will my existing

setup work accurately if I upgrade to 2.6.32–279.1.1.EL6.x86_64, 2.6.32–279.2.1.EL6.x86_64, or any
other similar kernel?
While it seems like only minor differences exist between the kernels, 2.6.32–279.1.1.EL6.x86_64 and 2.6.32–279.2.1.EL6.x86_64
are different from the installed kernel 2.6.32–279.1.1.EL6.x86_64. Because these are different, you must follow the workflow that
you would follow when you upgrade the kernel.
To verify if two kernels are the same, check the output of the uname -r for both kernels. If the outputs for both commands
match, the kernels are that same. A few accepted exceptions exist for SuSE 11. For example, if kernel 3.0.80–0.7.1 is installed,
output for the uname -r command kernel is 3.0.80–0.7.
I installed Change Control or Application Control and am now unable to place my Linux system in
Enabled mode. Or, I am unable to place my Linux system in Enabled or Update mode from Disabled
mode. What could be the cause?
If your target kernel is not supported, the software automatically creates the required build for the installed kernel (if all
prerequisites are available). After installation is complete, the software runs the sanity suite to validate the installation. You might
be unable to place the endpoint in Enabled mode if the sanity suite fails.
Review and verify the results of the sanity suite by viewing the contents of the RESULTS file stored in the /usr/local/mcafee/
solidcore/sanity directory. Contact McAfee Support if the sanity suite has failed.
On the Ubuntu platform, I am trying to create a kernel module for a target kernel and have
completed the prerequisites for the testbed. But, I am still unable to create a build for a target kernel.
Before you create a kernel module for a 3.5.x or later kernel on the Ubuntu platform, you must install the source package of
the kernel. Verify the folder name of the kernel source package that is placed in the /usr/src directory. Make sure that the folder
name is similar to linux-lts-<release-name>-<kernel x.x.x>.

For example, if you are running the 3.8.0-41-generic kernel, the corresponding directory is /usr/src/linux-lts-raring-3.8.0.
Similarly, for kernel 3.5.0-23-generic the corresponding directory is /usr/src/linux-lts-quantal-3.5.0.

COPYRIGHT
Copyright © 2023 Musarubra US LLC.
Trellix and FireEye are the trademarks or registered trademarks of Musarubra US LLC, FireEye Security Holdings US LLC and their affiliates in the
US and /or other countries. McAfee is the trademark or registered trademark of McAfee LLC or its subsidiaries in the US and /or other countries.
Skyhigh Security is the trademark of Skyhigh Security LLC and its affiliates in the US and other countries. Other names and brands are the
property of these companies or may be claimed as the property of others.

Mcafee Application Control 8.0.0 Installation Guide

Uploaded by

Copyright:

Available Formats

Mcafee Application Control 8.0.0 Installation Guide

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Mcafee Application Control 8.0.0 Installation Guide

Uploaded by

Copyright:

Available Formats

McAfee Application Control 8.0.

About this guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Find product documentation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Installing the software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Procure the installer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Install in Interactive mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Install on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Install in Silent mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Install on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Install on the Linux platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Verify the installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Verify on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Verify on the Linux platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Upgrading the software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Before you begin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Upgrade in Interactive mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Upgrade on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Upgrade in Silent mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Upgrade on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Upgrade on the Linux platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Verify the upgrade. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Uninstall in Interactive mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Uninstall on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Uninstall in Silent mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Uninstall on the Windows platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Uninstall on the Linux platform. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Create builds for unsupported Linux kernels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Frequently asked questions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

About this guide

The information in this guide is intended primarily for:

This guide uses these typographical conventions and icons.

Italic Title of a book, chapter, or topic; a new term;

Bold Text that is emphasized

Monospace Commands and other text that the user types; a

Narrow Bold Words from the product interface like options,

Hypertext blue A link to a topic or to an external website

Note: Extra information to emphasize a point,

Tip: Best practice information

4 McAfee Application Control 8.0.0 Installation Guide (Unmanaged)

Caution: Important advice to protect your computer

Warning: Critical advice to prevent bodily harm

Find product documentation

McAfee Application Control 8.0.0 Installation Guide (Unmanaged) 5

Installing the software

Windows Make sure that the product is not installed in

6 McAfee Application Control 8.0.0 Installation Guide (Unmanaged)

registry key named DfsIrpStackSize under

Linux Review KB82066 for information about the

Compile the kernel module in your test

Procure the installer

McAfee Application Control 8.0.0 Installation Guide (Unmanaged) 7

2. Save the package file to an accessible location.

<os> Indicates the operating system to which the

Install in Interactive mode

Install on the Windows platform

Install the software in Interactive mode on a Windows system.

8 McAfee Application Control 8.0.0 Installation Guide (Unmanaged)

7. Specify the installation folder.

Install in Silent mode