                  Release Notes for
       McAfee(R) Common Management Agent (CMA)
                    Version 3.5.0
 Copyright (C) 2004 Networks Associates Technology,
              Inc. All Rights Reserved


Thank you for using Common Management Agent
software. This file contains important information
regarding this release. We strongly recommend that
you read the entire document.

   IMPORTANT:
   McAfee strongly recommends that you use any
   pre-release software (joint development, beta, or
   release candidate) in a test environment only.
   Pre-release software should not be installed in a
   production environment.

   McAfee does not support automatic upgrading of a
   pre-release version of the software. To upgrade
   to a later joint development release, beta
   release, a release candidate, or a production
   release of the software, you must first uninstall
   the existing version of the software.


_____________________________________________________
WHAT'S IN THIS FILE

-   Product Overview
-   New Features
-   Files Included with This Release
-   Installation
   -   Installer Change
   -   Installing This Release
   -   Uninstalling This Release
-   Known Issues
-   Participating in the McAfee Beta Program
-   Contact Information
-   Copyright And Trademark Attributions
-   License & Patent Information


_____________________________________________________
PRODUCT OVERVIEW

Common Management Agent is a security management
client that simplifies anti-virus management tasks
for network administrators, and can be used by the
McAfee ePolicy Orchestrator server to manage
clients.


_____________________________________________________
NEW FEATURES

This release of the Common Management Agent contains
the following new feature:

-   Selective Update. This feature, which is
    available only when using ePolicy Orchestrator
    3.5, provides an option for selecting which
    categories of updates you want to apply to
    client computers.

-   Trusted Connection. This feature allows you to
    configure Cisco hardware to check the virus
    protection compliance of VirusScan Enterprise
    8.0 before allowing a network connection. For
    more information, see the Trusted Connection
    Implementation Guide posted on the VirusScan
    Enterprise web site.



_____________________________________________________
FILES INCLUDED WITH THIS RELEASE

This release consists of the following files:

CMA350L[language].ZIP =
       Contains an extracted FramePkg.EXE to be used
       with ePolicy Orchestrator.

Readme.txt =
       This text file.


_____________________________________________________
INSTALLATION

NOTE
For full installation and system requirements, see
the documentation for the appropriate McAfee product
(for example, VirusScan Enterprise or ePolicy
Orchestrator).

This section contains:

-   Installer Change
-   Installing this Release
-   Uninstalling this Release


INSTALLER CHANGE

In this release of the Common Management Agent, the
reference-counting mechanism has changed.  As a
result, the following command line is now a valid
way to upgrade your Common Framework installation:

       FramePkg /Install=Updater


INSTALLING THIS RELEASE

This section contains the following information for
ePolicy Orchestrator 3.0.x users:

-   Checking The Agent Package Into The Master
    Repository, and Creating The New Agent
    Installation Package

-   Replicating Agent Package To Distributed
    Repositories



1. CHECKING THE AGENT PACKAGE INTO THE MASTER
REPOSITORY AND CREATING THE NEW AGENT INSTALLATION
PACKAGE

   NOTE
   You cannot check in packages while pull or
   replication tasks are executing.

   1.  Log on to the desired ePolicy Orchestrator
       server using a global administrator user
       account.

   2.  In the console tree under "ePolicy
       Orchestrator" | <SERVER>, select
       "Repository."

   3.  In the details pane under "AutoUpdate Tasks,"
       click "Check in package." The "Check in
       package" wizard appears.

   4.  Click "Next" to open the package type dialog
       box.

   5.  Select "Products or updates," then click
       "Next." The catalog file dialog box appears.

   6.  Select the package catalog (PKGCATALOG.Z)
       file from the temporary folder where you
       downloaded it. You can type the path to this
       file, or click "Browse" to select it, then
       click "Next." The summary dialog box
       appears.

   7.  Click "Finish" to check in the package.

   8.  Click "Close" after the package has been
       checked in.

   9.  Stop the "McAfee ePolicy Orchestrator 3.0
       Server" service. This procedure varies
       depending on the operating system. For
       instructions, see the operating system
       product documentation.

   10. Delete the FRAMEPKG.EXE and FRAMEWORK.Z files
       from this location in the installation
       directory:

       [installation directory]\DB\SOFTWARE\CURRENT\EPOAGENT3000\INSTALL\0409

       The default location of the installation
       directory is:

       C:\PROGRAM FILES\NETWORK ASSOCIATES\EPO\3

       If you upgraded the software from version
       2.0, 2.5, or 4.5.1, the default location is:

       C:\PROGRAM FILES\MCAFEE\EPO\2.0

   11. Restart the "McAfee ePolicy Orchestrator 3.0
       Server" service.


2. REPLICATING AGENT PACKAGE TO DISTRIBUTED
REPOSITORIES

   Note: Since local distributed repositories can be
   accessed only from client computers, replication
   tasks do not copy packages from the master
   repository to local distributed repositories; you
   must manually update local distributed
   repositories with the desired packages.

1.  Log on to the desired ePolicy Orchestrator
    server using a global administrator user
    account.

2.  In the console tree under "ePolicy Orchestrator"
    | <SERVER>, select "Repository."

3.  In the details pane under "AutoUpdate Tasks,"
    click "Replicate now." The "Replicate Now"
    wizard appears.

4.  Click "Next" to open the distributed
    repositories dialog box.

5.  Click "Select All" to select all global and
    SuperAgent distributed repositories, then click
    "Next." The replication type dialog box
    appears.

6.  Select "Incremental replication," then click
    "Finish" to run the task.

7.  Click "Close" after the task has completed.



UNINSTALLING THIS RELEASE

To uninstall this release, run the following command
at the prompt:

       FramePkg.exe /Remove=Agent

   NOTE:
   For silent mode installation, you can use the
   /Silent switch.


_____________________________________________________
KNOWN ISSUES


1.  Selective updating is available to only ePolicy
    Orchestrator 3.5 users. If you use ePolicy
    Orchestrator 3.0 or 3.1, you cannot use
    selective updating, even if you have checked in
    the Common Management Agent version 3.5.

2.  When installing the agent from a command line,
    the macro named <SOFTWARE_INSTALLED_DIR>, which
    is supposed to expand into the correct
    installation directory path, does not work. Do
    not use this macro parameter when installing the
    agent.

3.  On some systems running Windows XP Service Pack
    2, the Common Management Agent may not update
    correctly. To fix this issue, add the Framework
    Service to the Exceptions List of the Microsoft
    Windows firewall. To do so:

   a.  Log into the computer as an administrator.
   b.  Open My Network Places | Properties.
   c.  Click "Change Windows Firewall Settings."
   d.  Select the "Exceptions" tab.
   e.  Click the "Add Program" button, and browse to
       select the "Framework Services" program.
       Click "OK."
   f.  Make sure "Framework Services" is selected in
       the list of programs on the Exceptions tab.
   g.  Click "OK" to save your changes. (202875)

4.  The Common Management Agent fails to initialize
    on computers with a Pentium 90 processor or
    earlier. This is due to a timeout in the Windows
    Service Manager. A Pentium 133Mhz or later is
    required. (201872)

5.  Custom agent installation packages
    (FRAMEPKG.EXE) with embedded user credentials
    might not install successfully on computers
    using these operating systems:

   -   Windows 2000 Advanced Server with Service
       Pack 4 or later.
   -   Windows 2000 Server with Service Pack 4 or
       later.
   -   Windows Server 2003 Enterprise.
   -   Windows Server 2003 Standard.
   -   Windows XP Service Pack 2.

   The workaround is:

   On computers using the operating systems listed
   above, make the following changes to the security
   settings before installing custom agent
   installation packages on them:

   a.  Log on to the desired computer using a user
       account with local administrator
       permissions.
   b.  Run SECPOL.MSC to open the "Local Security
       Settings" dialog box.
   c.  In the console tree under "Security Settings"
       | "Local Policies," select "User Rights
       Assignment."
   d.  In the details pane, double-click
       "Impersonate a client after authentication"
       in the "Policy" column to open the "Local
       Security Policy Setting" dialog box.
   e.  Click "Add" to open the "Select Users or
       Groups" dialog box.
   f.  Select the user or group that the end user is
       likely to run as; for example, "Everyone" or
       "Users," then click "Add."
   g.  Click "OK" twice to save the current
       entries.
   h.  On Windows 2000 computers, you need to
       restart the computer before the changes
       become effective.

   At press time, information about this issue
   (impersonating a client after authentication) and
   instructions for troubleshooting it were
   available on the Microsoft web site:

       http://support.microsoft.com/default.aspx?scid=kb;en-us;821546

__________________________________________________________
PARTICIPATING IN THE MCAFEE BETA PROGRAM

To download new beta software or to read about the
latest beta information, visit the beta web site:

       http://www.networkassociates.com/us/downloads/beta/mcafeebetahome.htm

To submit your feedback on any McAfee beta product,
send e-mail to:

       avbeta@nai.com

McAfee is devoted to providing solutions based on
your input.


__________________________________________________________
CONTACT INFORMATION

Technical Support
   Home Page
       http://www.networkassociates.com/us/support/

   KnowledgeBase Search
       https://knowledgemap.nai.com/phpclient/homepage.aspx

   PrimeSupport Service Portal
       https://mysupport.nai.com

   Login credentials required.


McAfee Beta Program
   Beta Web Site
       http://www.networkassociates.com/us/downloads/beta/mcafeebetahome.htm

   E-mail
       avbeta@nai.com


Security Headquarters:  AVERT
(Anti-Virus & Vulnerability Emergency Response
Team)
   Home Page
       http://www.networkassociates.com/us/security/home.asp

   Virus Information Library
       http://vil.nai.com

   AVERT WebImmune
       https://www.webimmune.net/default.asp

   Submit a Virus Sample
       http://vil.nai.com/vil/submit-sample.asp

   AVERT DAT Notification Service
       http://vil.nai.com/vil/join-DAT-list.asp


Download Site
   Home Page
       http://www.networkassociates.com/us/downloads/

   DAT File and Engine Updates
       http://www.networkassociates.com/us/downloads/updates/

       ftp://ftp.nai.com/pub/antivirus/datfiles/4.x

   Product Upgrades
       https://secure.nai.com/us/forms/downloads/upgrades/login.asp

   Valid grant number required.
   Contact Customer Service


Training
   McAfee Security University
       http://www.networkassociates.com/us/services/education/mcafee/university.htm


Customer Service
   US, Canada, and Latin America toll-free:
   Phone:     +1-888-VIRUS NO or +1-888-847-8766
              Monday-Friday, 8am-8pm, Central Time

   E-mail:    https://secure.nai.com/us/forms/support/request_form.asp

   Web:       http://www.nai.com/us/index.asp
              http://www.networkassociates.com/us/support/default.asp

For additional contact information (including
addresses and toll-free numbers for worldwide
offices), see the CONTACT file that accompanied your
original product release.


_____________________________________________________
COPYRIGHT AND TRADEMARK ATTRIBUTIONS

Copyright (C) 2004 Networks Associates Technology,
Inc. All Rights Reserved. No part of this
publication may be reproduced, transmitted,
transcribed, stored in a retrieval system, or
translated into any language in any form orbyany
means without the written permission of Networks
Associates Technology, Inc., or its suppliers or
affiliate companies. To obtain this permission,
write to the attention of the Network Associates
legal department at: 5000 Headquarters Drive, Plano,
Texas 75024, or call +1-972-963-8000.


TRADEMARKS

Active Firewall, Active Security, ActiveSecurity (in
Katakana), ActiveHelp, ActiveShield, AntiVirus
Anyware and design, Bomb Shelter, Certified Network
Expert, Clean-Up, CleanUp Wizard, ClickNet, CNX, CNX
Certification Certified Network Expert and design,
Covert, Design (Stylized E), Design (Stylized N),
Disk Minder, Distributed Sniffer System, Distributed
Sniffer System (in Katakana), Dr Solomon's, Dr
Solomon's label, Entercept, Enterprise SecureCast,
Enterprise SecureCast (in Katakana), ePolicy
Orchestrator, EZ SetUp, First Aid, ForceField, GMT,
GroupShield, GroupShield (in Katakana), Guard Dog,
HomeGuard, Hunter, IntruShield, Intrusion Prevention
Through Innovation, IntruVert Networks, LANGuru,
LANGuru (in Katakana), M and Design, McAfee, McAfee
(in Katakana), McAfee and design, McAfee.com, McAfee
VirusScan, NA Network Associates, Net Tools, Net
Tools (in Katakana), NetCrypto, NetOctopus, NetScan,
NetShield, NetStalker, Network Associates, Network
Associates Coliseum, NetXray, NotesGuard, Nuts &
Bolts, Oil Change, PC Medic, PCNotary, PrimeSupport,
Recoverkey, Recoverkey - International, Registry
Wizard, RingFence, Router PM, SecureCast,
SecureSelect, Sniffer, Sniffer (in Hangul),
SpamKiller, Stalker, TIS, TMEG, Total Network
Security, Total Network Visibility, Total Network
Visibility (in Katakana), Total Virus Defense,
Trusted Mail, UnInstaller, Virex, Virus Forum,
ViruScan, VirusScan, WebScan, WebShield, WebShield
(in Katakana), WebSniffer, WebStalker, WebWall,
What's The State Of Your IDS?, Who's Watching Your
Network, WinGauge, Your E-Business Defender, Zip
Manager are registered trademarks or trademarks of
Network Associates, Inc. and/or its affiliates in
the US and/or other countries.  Sniffer(R) brand
products are made only by Network Associates, Inc.
All other registered and unregistered trademarks
herein are the sole property of their respective
owners.


_____________________________________________________
LICENSE & PATENT INFORMATION

LICENSE AGREEMENT

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE
LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU
PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND
CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF
YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE
ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED
LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT
ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE
RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A
BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE
AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED
THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF
THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL
THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE
PRODUCT TO NETWORK ASSOCIATES OR THE PLACE OF
PURCHASE FOR A FULL REFUND.


LICENSE ATTRIBUTIONS

This product includes or may include:
*Software developed by the OpenSSL Project for use
in the OpenSSL Toolkit (http://www.openssl.org/).
*Cryptographic software written by Eric A. Young and
software written by Tim J. Hudson. *Some software
programs that are licensed (or sublicensed) to the
user under the GNU General Public License (GPL) or
other similar Free Software licenses which, among
other rights, permit the user to copy, modify and
redistribute certain programs, or portions thereof,
and have access to the source code. The GPL requires
that for any software covered under the GPL which is
distributed to someone in an executable binary
format, that the source code also be made available
to those users. For any such software covered under
the GPL, the source code is made available on this
CD. If any Free Software licenses require that
Network Associates provide rights to use, copy or
modify a software program that are broader than the
rights granted in this agreement, then such rights
shall take precedence over the rights and
restrictions herein.  *Software originally written
by Henry Spencer, Copyright 1992, 1993, 1994, 1997
Henry Spencer.  *Software originally written by
Robert Nordier, Copyright (C) 1996-7 Robert Nordier.
*Software written by Douglas W. Sauder.  *Software
developed by the Apache Software Foundation
(http://www.apache.org/). A copy of the license
agreement for this software can be found at
www.apache.org/licenses/LICENSE-2.0.txt.
*International Components for Unicode ("ICU")
Copyright (C) 1995-2002 International Business
Machines Corporation and others.  *Software
developed by CrystalClear Software, Inc., Copyright
(C) 2000 CrystalClear Software, Inc. *FEAD(R)
Optimizer(R)  technology, Copyright Netopsystems AG,
Berlin, Germany. *Outside In(R)  Viewer Technology
(C) 1992-2001 Stellent Chicago, Inc. and/or Outside
In(R) HTML Export, (C) 2001 Stellent Chicago, Inc.
*Software copyrighted by Thai Open Source Software
Center Ltd. and Clark Cooper, (C) 1998, 1999, 2000.
*Software copyrighted by Expat maintainers.
*Software copyrighted by The Regents of the
University of California, (C) 1989.  *Software
copyrighted by Gunnar Ritter.  *Software copyrighted
by Sun Microsystems(R), Inc. (C) 2003.  *Software
copyrighted by Gisle Aas. (C) 1995-2003.  *Software
copyrighted by Michael A. Chase, (C) 1999-2000.
*Software copyrighted by Neil Winton, (C) 1995-1996.
*Software copyrighted by RSA Data Security, Inc.,
(C) 1990-1992.  *Software copyrighted by Sean M.
Burke, (C) 1999, 2000.  *Software copyrighted by
Martijn Koster, (C) 1995.  *Software copyrighted by
Brad Appleton, (C) 1996-1999.  *Software copyrighted
by Michael G. Schwern, (C) 2001.  *Software
copyrighted by Graham Barr, (C) 1998.  *Software
copyrighted by Larry Wall and Clark Cooper, (C)
1998-2000.  *Software copyrighted by Frodo
Looijaard, (C) 1997.  *Software copyrighted by the
Python Software Foundation, Copyright (C) 2001,
2002, 2003. A copy of the license agreement for this
software can be found at www.python.org.  *Software
copyrighted by Beman Dawes, (C) 1994-1999, 2002.
*Software written by Andrew Lumsdaine, Lie-Quan Lee,
Jeremy G. Siek (C) 1997-2000 University of Notre
Dame.  *Software copyrighted by Simone Bordet &
Marco Cravero, (C) 2002.  *Software copyrighted by
Stephen Purcell, (C) 2001.  *Software developed by
the Indiana University Extreme! Lab
http://www.extreme.indiana.edu/).  *Software
copyrighted by International Business Machines
Corporation and others, (C) 1995-2003.  *Software
developed by the University of California, Berkeley
and its contributors.  *Software developed by Ralf
S. Engelschall <rse@engelschall.com> for use in the
mod_ssl project (http://www.modssl.org/).  *Software
copyrighted by Kevlin Henney, (C) 2000-2002.
*Software copyrighted by Peter Dimov and Multi Media
Ltd. (C) 2001, 2002.  *Software copyrighted by David
Abrahams, (C) 2001, 2002. See
http://www.boost.org/libs/bind/ bind.html for
documentation.  *Software copyrighted by Steve
Cleary, Beman Dawes, Howard Hinnant & John Maddock,
(C) 2000.  *Software copyrighted by Boost.org, (C)
1999-2002.  *Software copyrighted by Nicolai M.
Josuttis, (C) 1999.  *Software copyrighted by Jeremy
Siek, (C) 1999-2001.  *Software copyrighted by
Daryle Walker, (C) 2001.  *Software copyrighted by
Chuck Allison and Jeremy Siek, (C) 2001, 2002.
*Software copyrighted by Samuel Krempp, (C) 2001.
See http://www.boost.org for updates, documentation,
and revision history.  *Software copyrighted by Doug
Gregor (gregod@cs.rpi.edu), (C) 2001, 2002.
*Software copyrighted by Cadenza New Zealand Ltd.,
(C) 2000.  *Software copyrighted by Jens Maurer, (C)
2000, 2001.  *Software copyrighted by Jaakko Jrvi
(jaakko.jarvi@cs.utu.fi), (C) 1999, 2000.  *Software
copyrighted by Ronald Garcia, (C) 2002.  *Software
copyrighted by David Abrahams, Jeremy Siek, and
Daryle Walker, (C) 1999-2001.  *Software copyrighted
by Stephen Cleary (shammah@voyager.net), (C) 2000.
*Software copyrighted by Housemarque Oy
<http:// www.housemarque.com>,(C) 2001.  *Software
copyrighted by Paul Moore, (C) 1999.  *Software
copyrighted by Dr. John Maddock, (C) 1998-2002.
*Software copyrighted by Greg Colvin and Beman
Dawes, (C) 1998, 1999.  *Software copyrighted by
Peter Dimov, (C) 2001, 2002.  *Software copyrighted
by Jeremy Siek and John R. Bandela, (C) 2001.
*Software copyrighted by Joerg Walter and Mathias
Koch, (C) 2000-2002.


V3.0.0




