Trellix ePO On-prem 5.10.0 Service pack 1 Update 3 upgrade
It is worth pointing out that, Trellix ePO – On-prem 5.10.0 introduces a new strategy with the release of cumulative updates instead of patches. Updates address product defects and often introduce new features. Because updates are cumulative, you only need to apply the latest available Trellix update. Please take a look at “Trellix ePolicy Orchestrator Installation on Windows Server” for more information. In this article, we shall discuss how to perform Trellix ePO On-prem 5.10.0 Service pack 1 Update 3 upgrade.
I will use this guide to apply any subsequent update in the future. I have also documented the steps to apply Service pack 1 Update 5 in this guide. Here is how to fix Trellix ePO DAT and Engine Packages missing and upgrade to Service pack 1 Update 4.
Note: Here is a similar guide on how to perform Trellix upgrade. The only difference here is that this guide specifies the update version that is being applied in the title. Here is another guide on how to Fix Trellix ePO DAT and Engine Packages missing.
Please, also see “ePO Server Settings: Trellix ePO AD integration and ENS Agents Installation, how to fix Fix unable to login to Trellix ePO with Windows authentication, and how to “forcefully remove Language Pack on Windows 10 and 11.
Stay informed about new Trellix Updates
One of the options is to subscribe to Trellix ePO releases. Alternatively, you could search for Updates on the Trellix website. You can do this by specifing your product name and version to find relevant updates.
Note: Trellix customers must have a current Technical Support agreement in order to be entitled to download product updates and upgrades. This includes the engine and DAT updates.
Upgrade Trellix Orchestrator to Update 3
Trellix advises you always to upgrade ePO 5.10.0 with the latest release as soon as possible. Trellix ePO On-prem 5.10.0 Service pack 1 Update 3 supports new features and addresses the known issues, including security fixes and performance as shown in the email attachment above.
To download Trellix ePO – On-prem 5.10.0 Service pack 1 Update 3. Navigate to the Product Downloads site or the ePO Software Catalog.
I have decided to use the Trellix Software Catalog to download this update. To do this, navigate to Trellix Main Menu and under “Software”, click on Software Catalog.
To simplify things since Trellix has got tons of products. I will search for ePO. This will display results for all related searches and have them all selected.
Uncheck all and select only the relevant update as shown below and click on download.
As you can see, the download is in progress and completed shortly in the second download image below.
Please see how to fix “Could not connect to virtual machine try to connect again Hyper-V“, and how to fix “Fix 0xc000007b Error on Windows 11 While Launching a Game“.
Extract ePO Update File
This time, we have to extract the downloaded “ePO 5.10.0 Service Pack 1 Update.zip” and extract them to any location of you choice.
Extraction is in progress
Upon extract, you will see the ePOUpdater.exe. We will be using this file to upgrade our Orchestrator very shortly.
Here is how to Integrate Postman With GitHub, and how to Perform BitLocker Recovery Password Rotation in Active Directory.
Stop ePO Orchestrator Services
There are various ways to achieve this in Windows. In this guide, I will show you how to launch the services manager via the run command.
Search for “RUN” and in the RUN dialog box, enter “services.msc” to launch the services manager.
Ensure all the Services relating to Trellix ePolicy Orchestrator are stopped.
Double check and you may also manually stop an additional service having the Trellix ePolicyOrchestrator service.
Apply Trellix ePoliy Orchestrator Service Pack 1 Update 3
Launch the ePO updater tool as hsown above. In the ePO Updater tool. Some of these information will be pre-populated. Enter your password and accept the license agreement. Click continue to progress.
View the update information and improvements. Please see Fixes to Trellix ePolicy Orchestrator Installation Errors.
Click continue to proceed. On the Apply Update prompt, click OK.
As you can see below, the update has started.
This process is usually very fast. Click Finish to complete the upgrade process.
Note: The following steps apply to all remote agent handlers. Follow the steps on each agent handler in your environment after you install the latest update.
Confirm Trellix ePO Update
Note: After this step, all the services will be started again. Logon to the ePO Orchestrator -On-prem server again with your credentials.
Upon accessing the ePO URL. From experience, you may need to clear your browser cache if you are experiencing issues before proceeding. This time, there was no error., but just for your information.
From the dashboard, click on the Main Menu button and you should be able to see as shown below that the update has been applied correctly.
When installing the lastest updates, please bear in mind that these two errors can occur. How to disable SQL Auto Close: Auto Close is enabled for both ePO and ePO Events Databases and how to Change SQL Database Collation: ePO events DB and SQL server should match with ePO core collation.
Upgrade Trellix Orchestrator to Update 5
Since this is a new installation, I will proceed and download the Service Pack 1 Update 5 for ePolicy Orchestrator upgrade.
Upon download, proceed with the extraction as shown below
Run the Upgrade file and fix any errors when prompted during login.
Now, enter your credential and continue.
Note: You are required to remove the extension below. Start the services once again, and access the ePO dashboard.
From the main Menu, under Software, click on Extension to remove ContentFeed Extension. When prompted, click on “Force removal, bypassing any checks or errors”.
Stop the services once again and proceed with the upgrade. Click on continue in order to apply the updates.
As you can see below, the update is successful and the services are being started.
Wait for the services to restart as this can take a while. You can now see also from the main menu the update version installed.
FAQs
How does Trellix agent communicate over the internet and within the network?
The Trellix Agent (TA), formerly known as the McAfee Agent, facilitates communication between endpoints and the ePolicy Orchestrator (ePO) server. The Trellix agent communicate with the ePolicy Ochestrator (ePO) and does this by initiating an Agent-server communication (ASCI) over secure channel on port 443. Here’s how it works (Agent-Server Communication (ASCI) Workflow):
– TA initiates an ASCI session by collecting properties from all installed products on the endpoint. It generates a Property Version (PropsVersion), which ePO uses to determine whether to request a full property package or accept the incremental package sent by TA.
– The communication occurs over secure port 443 (TCP).
– If your network blocks direct communication between TA and the ePO server, the Agent Relay bridges this gap. It allows systems with direct connectivity to the ePO server to use TA effectively2.
Note: For successful communication, ensure that the following ports are accessible:
Outbound: Secure port 443 (TCP) for agent-server communication. Direct-hosted SMB traffic: Port 445 (TCP and UDP) without NetBIOS.
In summary, TA can communicate both over the internet and within your network, ensuring effective management and security
Is it possible to manage Mac devices without the Trellix Agent installed?
Without the Trellix ENS agent installed on Mac endpoint, it is not possible to manage those devices from the ePO server. Therefore, the right access to the System Tree cannot be granted at this point.
I hope you found this article on how to perform Trellix ePO On-prem 5.10.0 Service pack 1 Update 3 upgrade very useful. Please feel free to leave a comment below.
