McAfee for Marshal

Version: 6.1.2, Last Revision: October 30, 2017

McAfee for Marshal is a configuration and update tool that allows the McAfee anti-virus engine to be used with Trustwave content scanning products (SEG, ECM, and WebMarshal).

These notes are additional to the Help or other documentation.

The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q20802.

Important Notes About This Release
What's New
Upgrading McAfee for Marshal
Uninstalling McAfee for Marshal
Change History

Important Notes About This Release

This release supports ONLY the following Trustwave content scanning product releases:
- Trustwave SEG version 7.3 and above.
- WebMarshal version 6.10.0 and above
- Trustwave ECM (MailMarshal Exchange) 7.1.5 and above
This release is supported on Windows 2008 (SP2) and above.
When migrating from 32 bit to 64 bit installations (currently Trustwave SEG 7.x to 8.x), install the 64 bit version of McAfee for Marshal BEFORE migrating the main product.
All supported products installed on a server must be running a supported release BEFORE you upgrade McAfee for Marshal. The installer checks for supported versions.

What's New

For more information about additional minor features and bug fixes, see the change history.

Version 6.1

Native 64-bit support: McAfee for Marshal is available in a native 64-bit version as well as a 32-bit version. Both versions can be installed on the same system. Use the 64-bit installation with SEG version 8.x and other forthcoming content scanning releases that use a native 64-bit scanning engine.
More frequent DAT checking schedules are available.
The product is rebranded for Trustwave (including installation location).

Version 6.0

Supports installation on Windows Vista and Windows Server 2008 (32 and 64 bit versions)
Now uses incremental DAT updates from McAfee
Allows for automatic download and update of the McAfee Engine
Allows for standalone installation of the updater on a server where no Marshal product is installed
Allows DAT and Engine updates to be retrieved from a local URL by HTTP or FTP, as well as by UNC path or local file share

Upgrading

To upgrade from earlier versions of McAfee for Marshal, ensure that no SEG or ECM Configurator or WebMarshal Console instances are running, and then run the product installer. Version 6.1 supports upgrade from 6.0 and above only. If a version earlier than 6.0 is installed, you must uninstall it and then install version 6.1.

After upgrading, verify the HTTP proxy settings for the Engine update if required in your network. The upgrade process duplicates the existing proxy settings used for the DAT files updates. See the Engine Updates tab of the configuration tool.
If you are using a custom URL for engine updates, this will no longer work after upgrade due to a change in the required format. Contact Trustwave for assistance.
Upgrading restarts the scanning product Engine and Controller services in some cases.
The upgrade installer may not be able to delete the engine file (mcscan32.dll) in some cases. If you encounter this issue, see Trustwave Knowledge Base article Q12218.

Uninstalling

To uninstall McAfee for Marshal:

Remove the McAfee for Marshal scanner from all scanning rules.
Delete the McAfee for Marshal scanner from the list of scanners in each installed product.
Restart the Engine services for each product. If the server has not been restarted since McAfee for Marshal was installed, restart the SEG, ECM, or WebMarshal Controller.
Close the SEG or ECM Configurator and WebMarshal Console.
Use the Add/Remove Programs control panel to uninstall McAfee for Marshal.

Change History

The following additional items have been changed or updated in the specific build versions of McAfee for Marshal listed.

To check for any later information, please see Trustwave Knowledge Base article Q20802.

6.1.2 October 30, 2017

MFM-48	In earlier 6.1 releases the updater always used a proxy server if a server name was entered (ignoring the "use a proxy" checkbox). Fixed.
MFM-49	Discovery of SEG and ECM license keys is improved.

6.1.1.1544 August 14, 2017

MFM-41

McAfee for Marshal now uses an updated web access component for access to updates, to avoid issues with certificate validation when using a proxy.

6.1.0.1027 June 6, 2017

MFM-2	Installation and registry locations are updated to the default Trustwave locations.
MFM-6	The product is rebranded for Trustwave.
MFM-12	The available frequencies for DAT checks have changed. You can choose to check as often as every 10 minutes. The default check is hourly.
MFM-21	When extraction of downloaded DAT files failed, the download was not retried. Fixed.
MFM-22	Service executable paths were not quoted. Fixed.
MFM-37	Old copies of the scan engine were not correctly unloaded after an engine update. Fixed.

6.0.4.8606 December 14, 2009

VS-381	Upgrading to version 6.0.3 did not stop the MailMarshal engine when required to replace the MSMcAfee.dll file. Fixed.
VS-385	Update to the install logic was required due to change in the MailMarshal Exchange registry location.

6.0.3.8294 October 21, 2009

VS-367	The MailMarshal engine could stop unexpectedly if configuration was being reloaded under heavy email load. Fixed.
VS-375	Visual C++ redistributable versions included in the installer have been updated.

6.0.2.7263 April 22, 2009

VS-355

If directories were locked during update, the update was not completed and all unsuccessful update files were never deleted. Fixed.

6.0.1.6519 December 12, 2008

VS-323	MailMarshal Exchange 5.2 is the minimum version supported. 5.1.1 is no longer supported.
VS-262	Files marked as "offline" were not scanned by the McAfee engine and an error could result. Fixed.
VS-280	The Registry and directory structure have changed from previous versions.
VS-284	A file deletion utility could delete too many items in some rare circumstances. Fixed.

For earlier changes, see the release notes for previous releases of this product.

Legal Notice

All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. While every precaution has been taken in the preparation of this document, Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.

While the authors have used their best efforts in preparing this document, they make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.

The most current version of this document may be obtained from Trustwave Knowledge Base article Q20802.

Trademarks

Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.

About Trustwave®

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.