Release Notes for McAfee(R) Desktop Firewall(TM) 8.0 
Patch 1
(Build 8.0.528)
Copyright (C) 2005 McAfee, Inc.
All Rights Reserved


=====================================================

Thank you for using McAfee Desktop Firewall(TM) software. This file contains important information regarding this release. We strongly recommend that you read the entire document.

The attached files are provided as is, and with no warranty either expressed or implied as to their suitability for any particular use or purpose. McAfee, Inc. assumes no liability for damages incurred either directly or indirectly as a result of the use of these files, including but not limited to the loss or damage of data or systems, loss of business or revenue, or incidental damages arising from their use. Patch files should be applied only on the advice of McAfee Technical Support, and only when you are actually experiencing the issue being addressed by the Patch. Patch files should not be proactively applied in order to prevent potential product issues. You are responsible for reading and following all instructions for preparation, configuration, and installation of Patch files. Patch files are not a substitute or replacement for product Service Packs which may be released by McAfee, Inc. It is a violation of your software license agreement to distribute or share these files with any other person or entity without written permission from McAfee, Inc. Further, posting of McAfee Patch files to publicly available Internet sites is prohibited. McAfee, Inc. reserves the right to refuse distribution of Patch files to any company or person guilty of unlawful distribution of McAfee software products. Questions or issues with McAfee Patch files should be directed to McAfee Technical Support.


_____________________________________________________
WHAT'S IN THIS FILE

- New Features
- Installation & and System Requirements
- Before You Begin
- Compatibility with PGP Products
- Files Included with This Release
- Upgrading (Stand-Alone Version)
- Upgrading (ePolicy Orchestrator Version)
- Installation Notes
- Compatibility with PGP Products
- Resolved Issues
- Known Issues
- Documentation
- Contact Information
- Copyright & and Trademark Attributions
- License & and Patent Information







_____________________________________________________
FILES INCLUDED WITH THIS RELEASE

  This patch consists of a file called Patch1.zip.

  When extracted, you will get a readme file and two folders. The folders are: EPO_Hotfix and Standalone_Hotfix.
    
  Contained in the Standalone folder you will get one file: MDFHotfix800-EN-Licensed.exe

  Contained in the EPO_Hotfix folder you will get the following files:
PkgCatalog.z
PkgCatalog.z.Org
EPO_Hotfix2.zip
FirewallDet.McS
EPO_Hotfix.zip
MDFHotfix_ePO800-528EN-Licensed.zip
McAfeeFireHF1_EN.exe

____________________________________________________
INSTALLATION AND SYSTEM REQUIREMENTSINSTALLATION NOTES

NOTE:
Please see the ePolicy Orchestrator and Desktop Firewall product documentation for complete information regarding installation and system requirements.



BEFORE YOU BEGIN

Before installing this version of Desktop Firewall. Note, note the following:

- Desktop Firewall is not compatible with the Entercept agent if the Entercept agent is in protect mode[d1]. Administrators should setSet Entercept protected systems to "Warning Mode" prior to deploying the this Desktop Firewall Ppatch release. Desktop Firewall is not compatible with the Entercept agent in protect mode[d2].    


- Remove any beta versions of Desktop Firewall from your all computers.

- You cannot When installing  Desktop Firewall, do not install the  product tto a mapped network drives.

- When deploying to Windows 95, Windows 98 and Windows ME platforms, ePolicy Orchestrator administrators should dDisable "Application Creation Monitor" prior before you deploy to deploying the this Desktop Firewall Patchpatch release to computers running Windows 95, Windows 98, or Windows Me.


COMPATIBILITY WITH PGP PRODUCTS

Desktop Firewall is not compatible with the PGPadmin and PGPvpn components of the following software suites:

- PGP Desktop Security, version 7.0 or later.

- PGP Corporate Desktop, version 7.1 or later.

- PGPfire Personal Firewall/IDS, version 7.1 or later.

You must remove the PGPadmin and PGPvpn components if you plan to install and use Desktop Firewall.


FILES INCLUDED WITH THIS RELEASE[d3]

This release consists of a package called PATCH1.ZIP, which contains the following files:

PATCH1.TXT = 
This text file

The STANDALONE_HOTFIX folder contains these files:

MDFHOTFIX800-EN-LICENSED.EXE =
Setup program

The EPO_HOTFIX folder contains these files:

PKGCATALOG.Z = 
Package file
PKGCATALOG.Z.ORGG = 
DESCRIBE WHAT THIS IS
EPO_HOTFIX2.ZIP = 
DESCRIBE WHAT THIS IS
FIREWALLDET.MCS = 
Detection script related to package file
EPO_HOTFIX.ZIP = 
DESCRIBE WHAT THIS IS
MDFHOTFIX_EPO800-528EN-LICENSED.ZIP = 
DESCRIBE WHAT THIS IS
MCAFEEFIREHF1_EN.EXE = 
DESCRIBE WHAT THIS IS



___________________________________________________
INSTALLATION AND SYSTEM REQUIREMENTS

Please see ePO and Desktop Firewall product documentation for complete information regarding installation and system requirements.


UPGRADING (STAND-ALONE VERSION)

To upgrade to this interim release: (greater level of detail in these instructions)

1. When you are ready to install the Patch, dDouble-click this the MDFHOTFIX800-528EN-LICENSED.EXE file.: 


1. Choose Click "Next," then.

2. Choose "Finish."

3. When you are prompted, restart your computer to complete the install.


UPGRADING (ePOLICY EPOLICY ORCHESTRATOR VERSION)

To install this Patch:

1. Check in the patch release package (PKGCATALOG.Z) file. For instructions, see "Check in product deployment packages to the master repository" in the "ePolicy Orchestrator3.5 Product Guide" or Help file. Follow the procedures for installing a Patch into y our Repository which can be found in the ePO Installation Guide.

1. Check in PkgCatalog.z.


2. Create a new "Deployment" client task to deploy the updated software to your remote Desktop Firewallpatch release to managed computers running Desktop Firewall. users[d4]. (If you already have enabled the Global Update task or a DAT update task, the new Patch is pushed out on the next task.)

NOTE: 
After deploying the patch release, and after the first agent-to-server communicationASCI[d5] following deployment, you can see who has received the new Patch and reported this information back to ePOwhich computers the patch release has been successfully installed on by viewing the "All Installations" query under <ePO_databasenamedatabase> | <Ddatabase>name | "Queries" | "Installations" | All Installationsin the tree pane. 
Under the hotfix column, next to the Desktop Firewall entries, the number 1 indicates who has received the Patch and reported this information back to your ePolicy Orchestrator servercomputers on which the patch release has been installed.



COMPATIBILITY WITH PGP AND ENTERCEPT PRODUCTS

Desktop Firewall is not compatible with the PGPadmin and PGPvpn components of the following software suites:

- PGP Desktop Security, version 7.0 or later.

- PGP Corporate Desktop, version 7.1 or later.

- PGPfire Personal Firewall/IDS, version 7.1 or later.

You must remove the PGPadmin and PGPvpn components if you plan to install and use Desktop Firewall.

Desktop Firewall is not compatible with the Entercept agent if the Entercept agent is in protect mode. 

- Administrators should set Entercept protected systems to "Warning Mode" prior to deploying the Desktop Firewall Patch.




__________________________________________________________
RESOLVED ISSUES


This Patch patch release for Desktop Firewall includes the following changes made in previous releases. The list of resolved issues is divided into sections based on the date and version number of each interim release.


MARCH 2005 ~ DESKTOP FIREWALL 8.0.528

1. ISSUE:
ToolT tips are not always displayed properly in the log files.

RESOLUTION: 
Certain tToolT tips are no longer displayed, and those that are, display correctly.

2. ISSUE:
If a custom rule is created in ePolicy Orchestrator that allows an application with a path of any, a hash [kc6]and path is created for the first instance on the client, and a second instance with a different version or path is blocked.

RESOLUTION:
Issue is fixed in this release.

3. ISSUE:
Compatibility issues with Adobe Illustrator. In Adobe Illustrator if you open and change an EPS file, then save it, the file is deleted when you exit the application. 

RESOLUTION: 
Issue is resolved with this release.

4. ISSUE:
In some instances, Audit Learn Mode did not learn new rules properly.

RESOLUTION:
Audit Learn Mode now learns all rules properly.

5. ISSUE:
In previous versions, if Desktop Firewall did not recognize an application, it defaulted to blocking the application. 

RESOLUTION:
Now Desktop Firewall defaults to allow the application.


FEBRUARY 2005 ~ DESKTOP FIREWALL 8.0.517

1. ISSUE:
A connection was being dropped, because a Protocol Module was returning unknown status value to the TDI driver.

RESOLUTION:
This unknown status value is now converted to a known status value.

2. ISSUE:
There was no [RestartServices] section in the FirewallDet.mcs script file. Therefore, when an update task ran, an error was always logged in mcscript.log

RESOLUTION:
[RestartServices] now is included in the script, so that there is no error message in the mcscript.log file. 

3. ISSUE:
The path of the application being executed was not matched correctly to the path specified in the rule.
   
RESOLUTION:
Path matching is fixed in this release. 

4. ISSUE:
When executing a batch file, the Policy Manager driver would not properly close all the opened handles to the script file, making the file read-only after the first run.



RESOLUTION
:
In this release, the Policy Manager driver closes all the opened handles after the batch has completed its job.

5. ISSUE:
The firewall was not creating rules for the incoming traffic when there was no application listening on the specified port. 

RESOLUTION:
This behavior is as-designed. To clear the log, you must create a rule that allows the traffic. 



NOTE: 
There are predefined groups [kc7]of rules such as NetBIOS and ICMP, but these apply only to the trusted networks.


OCTOBER 2004 ~ DESKTOP FIREWALL 8.0.511

1. ISSUE:
In a rare case, Desktop Firewall caused a blue screen error.

RESOLUTION:
A change was made in the way a process sweep handle is called.


JULY 2004 ~ DESKTOP FIREWALL 8.0.510

1. ISSUE:
A connection was being dropped and the Protocol Module returns unknown status value to the TDI driver.

RESOLUTION:
This unknown status value is converted to a known status value.


JULY 2004 ~ DESKTOP FIREWALL 8.0.509

1. ISSUE:
FQDN rules was not working correctly.

RESOLUTION:
If there were more than one rule with the same FQDN, only the first was resolved. As a result, the other rule(s) would not match correctly. 

FIX:
Added NULL pointer checks in prefs code to fix some crashes seen from Error Reporting crash dumps.


JULY 2004 ~ DESKTOP FIREWALL 8.0.508

1. ISSUE:
General cleanup/data revision.


JUNE 2004 ~ DESKTOP FIREWALL 8.0.507

1. ISSUE:
(ePolicy Orchestrator version only) 
If an ePolicy Orchestrator administrator made their default database user something other than "dbo", Desktop Firewall data would be stored under the new default user. However, the ePolicy Orchestrator version of Desktop Firewall continued to look for this data under the "dbo" user. As a result, reports stopped working.

RESOLUTION:
This build fixes the issue by storing Desktop Firewall data under the "dbo" database user, even if administrators make a different default user.

2. ISSUE:
If users tried to run an application stored on a Samba shared drive, Desktop Firewall could stop working and block all network access.

RESOLUTION:
This release fixes the problem.


JUNE 2004 ~ DESKTOP FIREWALL 8.0.506

1. ISSUE:
In some cases, Desktop Firewall did not install properly, because another application deleted a vital registry key before the software finished installing.

RESOLUTION:
Changes to the installation process have fixed this problem.


JUNE 2004 ~ DESKTOP FIREWALL 8.0.505

1. ISSUE:
In some cases, the Desktop Firewall installation did not install a driver in the correct order. As a result, users could not access network resources.

RESOLUTION:
Desktop Firewall now installs this driver properly.

2. ISSUE:
The software did not provide full access to NetWare folders.

RESOLUTION:
This version resolves the issue, and allows proper access to NetWare resources.

3. ISSUE:
Some users experienced system failures on rare occasions.

RESOLUTION:
Software changes have resolved this issue.


APRIL 2004 ~ DESKTOP FIREWALL 8.0.500

1. ISSUE:
Some users experienced a drop in performance times when they used Desktop Firewall to secure a Network Interface Card (NIC) that had TCP segmentation offloading enabled.

(Some NICs come with segmentation offloading enabled by default.)

RESOLUTION:
Desktop Firewall no longer causes a drop in performance times when TCP segmentation offloading is enabled.

2. ISSUE:
(Windows 2000 and Windows XP only.)
When using Desktop Firewall with Cisco VPN version 4.0.3 (client), computers occasionally stopped responding when disconnecting from the VPN.

RESOLUTION:
This release fixes the issue, so that systems no longer stop responding in this situation.

3. ISSUE:
(Windows NT, Windows 2000, and Windows XP only.)
On some computers, users experienced intermittent fatal errors that required restarting. This was caused when the software loaded drivers in the incorrect order.

RESOLUTION:
This interim release fixes the driver issue.

4. ISSUE:
Some Desktop Firewall users experienced problems when they attempted to access Novell services on a network using DHCP. This occurred when the firewall rejected improperly-formed packets from the Novell driver. Since the DHCP request failed to complete, users could not successfully access their Novell services.

RESOLUTION:
Desktop Firewall now allows the Novell packets; users should have no difficulty accessing Novell services.


APRIL 2004 ~ DESKTOP FIREWALL 8.0.497

1. ISSUE:
An application monitoring rule that used wild cards could cause a system failure if a process was started with a very long path name.

RESOLUTION:
Application monitoring rules that use wild cards will not cause system failures, no matter how long process path names are.

2. ISSUE:
In certain cases, Desktop Firewall blocked access to shared NetBIOS network resources when the NetBIOS rule associated those resources with an address range.

RESOLUTION:
The software handles NetBIOS shared resources properly using the NetBIOS rule.


MARCH 2004 ~ DESKTOP FIREWALL 8.0.495

1. ISSUE:
(Windows NT, Windows 2000, and Windows XP only.)
If a user locked their workstation and an administrator later unlocked it, the McAfee Desktop Firewall service stopped working.

RESOLUTION:
Desktop Firewall now works properly in this situation.


FEBRUARY 2004 ~ DESKTOP FIREWALL 8.0.493

1. ISSUE:
In some cases, Desktop Firewall did not work properly with the Cisco Systems VPN Client when users put their computers into Sleep or Hibernate mode while connected to a VPN.

RESOLUTION:
The software now works properly in these modes.

2. ISSUE:
When used over a dial-up connection, Desktop Firewall did not work properly with Check Point SecuRemote Client.

RESOLUTION:
This release includes changes to Desktop Firewalls Windows NT hook driver, which make it fully compatible with SecuRemote Client.

3. ISSUE:
When Desktop Firewall attempted to install new IDSsignatures during an update, the installation of the new signatures failed with ePolicy Orchestrator3.0.1 and 3.0.2.

RESOLUTION:
The issue has been resolved, and new IDS signatures install correctly with ePolicy Orchestrator3.0.1 and3.0.2.

4. ISSUE:
With ePolicy Orchestrator 3.0.1, once a scheduled Desktop Firewall 8.0.485 task ran, all subsequent update tasks could not start because the Desktop Firewall task was incorrectly being reported as in-progress.

RESOLUTION:
This release resolves this issue. All ePolicy Orchestrator update tasks now run regardless of the type of update task that precedes them.

5. ISSUE:
Stand-alone versions of Desktop Firewall require a local Update task, but the ePolicy Orchestrator-managed software does not. In the previous version of Desktop Firewall, the Update task was created on both stand-alone and ePolicy Orchestrator computers. ePolicy Orchestrator administrators could not delete or modify this task.

RESOLUTION:
In this release, Desktop Firewall creates and manages the local Update task on stand-alone computers, but not on ePolicy Orchestrator computers. If you convert a stand-alone computer to an ePolicy Orchestrator-managed computer, the software will detect and delete the unnecessary local Update task.

6. ISSUE:
In the previous version of the software, computers exiting Quarantine Mode experienced a delay while the firewall waited to enforce its new policies. The firewall did not enforce its new policies until it ran the next scheduled ePolicy Orchestrator enforcement task.

RESOLUTION:
In this version, changes to Desktop Firewalls task management mean that the software automatically enforces new policies when it exits Quarantine Mode.


__________________________________________________________
KNOWN ISSUES

	
1. On computers running Windows NT, Windows 2000, and or Windows XP, Desktop Firewall does not monitor DOS and Windows 16-bit applications if you select "Enable Application Creation Monitor " on the Application Policy tab.

2. This release does not support Fast-User Switching (FUS). Using Desktop Firewall with FUS may cause system problems. This issue is under investigation.

3. Internet Connection Sharing is not supported.

4. If you disable Learn Mode on Domain Controllers or other Windows NT servers (including ePolicy Orchestrator servers and consoles), these computers might not be able to access the network. Do not disable Learn Mode on these computers unless your policy enables all of the necessary Windows networking services.

5. The following VPN clients work with Desktop Firewalls Quarantine Mode:

- Cisco Systems VPN Client 3.5.1

- Cisco Systems VPN Client 4.0

- Nortel Networks Contivity VPN Client 4.6

- Microsoft PPTP VPN Client

Other VPN clients may not provide Quarantine Mode support.


6. Do not quarantine static IP addresses that belong to laptop users; otherwise Desktop Firewall quarantines them and prevents them from communicating with any network they use.

7. 
8. When installing new applications on a Desktop Firewall computer, deselect the Enable Application Creation Monitor checkbox on the firewall's Application Policy tab. This prevents installation problems.

9. Desktop Firewall does not support IPv6.

10. Desktop Firewall does not display the firewalls Learn Mode Alert dialog box when it detects Novell NetWare client traffic. It automatically blocks this traffic. To allow Novell NetWare clients to communicate with their server, add a new firewall rule. This rule must allow incoming UDP traffic from remote port 427.

11. 
12. The Activity Log may occasionally log an event with the description "bad packet." These entries indicate that the software intercepted and discarded an improperly formed packet. These entries do not indicate an attack, and you do not have to take any action.

13. This release does not automatically create Sniffer .CAP files to capture information about attacks on your system. You can configure Desktop Firewall to create these files by editing the Registry. To do this, create a new DWORD registry key called RecordPackets in the following location, and set its value to 1:

14. 
HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\McAfee Fire

15. The ePolicy Orchestrator console does not always display the full list of IDS signatures installed on a deployed Desktop Firewall.

When a deployed Desktop Firewall updates its list of IDS signatures, the ePolicy Orchestrator console does not always get the revised list of available signatures.

If you installed Desktop Firewall on your ePolicy Orchestrator console computer, ePolicy Orchestrator gets the same signature update as your deployed firewalls. If you do not have Desktop Firewall installed on this computer, you must update the ePolicy Orchestrator console manually. Copy the FireIDSSigs.txt file from a deployed firewall computer to the "MDF 80 ePO Update folder" on your ePolicy Orchestrator console computer.

16. On computers running Windows ME Me and or Windows 98, Desktop Firewalls application monitoring feature cannot block screen savers from running.

17. In some cases when running Desktop Firewall with Quarantine Mode enabled, Desktop Firewall fails to release from Quarantine Mode. The Common agent (CMA) log shows "Performing system up to-date check", "System up to-date check completed Result = 0 System State =3"

If this happens, the Common agent is in a loop, waiting for something to happen, and the ePolicy Orchestrator framework service should be stopped and restarted. Once the ASCI (ePolicy Orchestrator-to-agent communication) is complete, Desktop Firewall releases from Quarantine Mode.

18. If the firewall is run with the basic starter rule set, it blocks domain logins on all Windows 95 and Windows 98 platforms.

The workaround for this is to add the subnet on which the domain controller is located to the Trusted Networks portion of the Firewall Configuration. For example, if the domain controller is located at 192.168.10.2, you should add 192.168.10.0 with a subnet mask of 255.255.255.0 to the Trusted Networks configuration.

19. With build 528, a log entry is noted for McAfee Script     Engine (McScript in use) at each ASCI with the ePolicy Orchestrator server if Filter Options | Applications Logging is enabled.


_____________________________________________________
DOCUMENTATION

Documentation is included on the product CD and/or is available with a valid grant number from the McAfee download site:

https://secure.nai.com/us/forms/downloads/upgrades/login.asp

NOTE:
Electronic copies of all product manuals are saved as Adobe Acrobat .PDF files. The product CD includes the latest version of Acrobat Reader, or you can download any version from the Adobe web site:

http://www.adobe.com/products/acrobat/readstep2.html


DESKTOP FIREWALL DOCUMENTATION

- Installation Guide.
Provides system requirements and instructions for installing the software. Available as a printed book included in the product box.

- Product Guide.
Introduces the product, describes product features, provides detailed instructions for configuring the software, deployment, and ongoing operation and maintenance.

- Help system (stand-alone version only).
A Help file, accessed from within the software application, provides quick access to concepts, definitions, and procedures for using the software. Includes What's This? topics, full topic search, indexing, and page-level context-sensitive Help.

- A LICENSE Agreement.
The terms under which you may use the product. Read it carefully. If you install the product, you agree to the license terms.

- This README file.

- A CONTACT file.
Contact information for McAfee services and resources: technical support, customer service, AVERT, beta program, and training. 


SUPPLEMENTAL DOCUMENTATION

- ePolicy Orchestrator 3.0 Product Guide.


_____________________________________________________
PARTICIPATING IN THE MCAFEE BETA PROGRAM

To download new beta software or to read about the latest beta information, visit the McAfee beta web site located at:
http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

To submit beta feedback on any McAfee product, send e-mail to:
mcafee_beta@mcafee.com

McAfee is devoted to providing solutions based on your input.


__________________________________________________________
CONTACT INFORMATION

SECURITY HEADQUARTERS:  AVERT 
(Anti-Virus & Vulnerability Emergency Response Team)
Home Page
http://www.mcafeesecurity.com/us/security/home.asp

Virus Information Library
http://vil.mcafeesecurity.com/

AVERT WebImmune & Submit a Virus Sample
https://www.webimmune.net/default.asp

AVERT DAT Notification Service
http://vil.mcafeesecurity.com/vil/join-DAT-list.asp


DOWNLOAD SITE
Home Page
http://www.mcafeesecurity.com/us/downloads/

Anti-Virus DAT File and Engine Updates
http://www.mcafeesecurity.com/us/downloads/updates/

ftp://ftp.mcafee.com/pub/antivirus/datfiles/4.x

Anti-Spam Rules File and Engine Updates
ftp://ftp.nai.com/spamdefs/1.x/

Product Upgrades
https://secure.nai.com/us/forms/downloads/upgrades/login.asp

Valid grant number required (contact Customer Service)
		

TECHNICAL SUPPORT
Home Page
http://www.mcafeesecurity.com/us/support/technical_support

KnowledgeBase Search
https://knowledgemap.mcafeesecurity.com/phpclient/homepage.aspx

PrimeSupport Service Portal (Logon credentials required)
https://mysupport.mcafeesecurity.com 

PSVANS  PrimeSupport Vulnerability Alert Notification Service
http://www.mcafeesecurity.com/us/support/primesupport/


CUSTOMER SERVICE
US, Canada, and Latin America toll-free:
Phone:	+1-888-VIRUS NO or +1-888-847-8766
Monday-Friday, 8am-8pm, Central Time 

E-mail: 	https://secure.nai.com/us/forms/support/request_form.asp

Web:	http://www.mcafeesecurity.com/us/support/default.asp


MCAFEE BETA PROGRAM
Download Site:
http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

E-mail to Submit Beta Feedback:
mcafee_beta@mcafee.com


TRAINING: MCAFEE UNIVERSITY
http://www.mcafeesecurity.com/us/services/education/mcafee/university.htm


WORLDWIDE OFFICES
For addresses and phone numbers of worldwide offices: 

http://www.mcafeesecurity.com/us/contact/home.htm
__________________________________________________________
CONTACT INFORMATION

Security Headquarters:  AVERT 
 (Anti-Virus & Vulnerability Emergency Response Team)
Home Page
http://www.mcafeesecurity.com/us/security/home.asp

Virus Information Library
http://vil.mcafeesecurity.com/

AVERT WebImmune & Submit a Virus Sample
https://www.webimmune.net/default.asp

AVERT DAT Notification Service
http://vil.mcafeesecurity.com/vil/join-DAT-list.asp


Download Site
Home Page
http://www.mcafeesecurity.com/us/downloads/

Anti-Virus DAT File and Engine Updates
http://www.mcafeesecurity.com/us/downloads/updates/

ftp://ftp.mcafee.com/pub/antivirus/datfiles/4.x

Anti-Spam Rules File and Engine Updates
ftp://ftp.nai.com/spamdefs/1.x/

Product Upgrades
https://secure.nai.com/us/forms/downloads/upgrades/login.asp

Valid grant number required (contact Customer Service)
		

Technical Support
Home Page
http://www.mcafeesecurity.com/us/support/technical_support

KnowledgeBase Search
https://knowledgemap.mcafeesecurity.com/phpclient/homepage.aspx

PrimeSupport Service Portal (Logon credentials required)
https://mysupport.mcafeesecurity.com 

PSVANS  PrimeSupport Vulnerability Alert Notification Service
http://www.mcafeesecurity.com/us/support/primesupport/


Customer Service
US, Canada, and Latin America toll-free:
Phone:	+1-888-VIRUS NO or +1-888-847-8766
Monday-Friday, 8am-8pm, Central Time 

E-mail: 	https://secure.nai.com/us/forms/support/request_form.asp

Web:	http://www.mcafeesecurity.com/us/support/default.asp


McAfee Beta Program
Download Site:
http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

E-mail to Submit Beta Feedback:
mcafee_beta@mcafee.com


Training: McAfee University
http://www.mcafeesecurity.com/us/services/education/mcafee/university.htm


Worldwide Offices
For addresses and phone numbers of worldwide offices: 

http://www.mcafeesecurity.com/us/contact/home.htm


_____________________________________________________
COPYRIGHT AND TRADEMARK ATTRIBUTIONS

Copyright (C) 2005 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form orbyany means without the written permission of McAfee, Inc., or its suppliers or affiliate companies. 


TRADEMARKS

ACTIVE FIREWALL, ACTIVE SECURITY, ACTIVESECURITY (AND IN KATAKANA), ACTIVESHIELD, CLEAN-UP, DESIGN (STYLIZED E), DESIGN (STYLIZED N), ENTERCEPT, EPOLICY ORCHESTRATOR,  FIRST AID, GROUPSHIELD, GROUPSHIELD (AND IN KATAKANA),  INTRUSHIELD, INTRUSION PREVENTION THROUGH INNOVATION,  MCAFEE, MCAFEE (AND IN KATAKANA), MCAFEE AND DESIGN, MCAFEE.COM, MCAFEE VIRUSSCAN, NA NETWORK ASSOCIATES, NET TOOLS, NET TOOLS (AND IN KATAKANA), NETSCAN, NETSHIELD, NETWORK ASSOCIATES, NUTS & BOLTS, OIL CHANGE, PRIMESUPPORT, SPAMKILLER, THREATSCAN, TOTAL VIRUS DEFENSE, VIREX, VIRUS FORUM, VIRUSCAN, VIRUSSCAN, VIRUSSCAN (AND IN KATAKANA), WEBSCAN, WEBSHIELD, WEBSHIELD (AND IN KATAKANA), YOUR NETWORK. OUR BUSINESS.  are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries.  The color red in connection with security is distinctive of McAfee brand products.  All other registered and unregistered trademarks herein are the sole property of their respective owners. 



_____________________________________________________
LICENSE AND & PATENT INFORMATION



LICENSE AGREEMENT

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.


LICENSE ATTRIBUTIONS

This product includes or may include:
*Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). *Cryptographic software written by Eric A. Young and software written by Tim J. Hudson. *Some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires that for any software covered under the GPL which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that McAfee provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein.  *Software originally written by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer.  *Software originally written by Robert Nordier, Copyright (C)1996-7 Robert Nordier.  *Software written by Douglas W. Sauder.  *Software developed by the Apache Software Foundation (http://www.apache.org/). A copy of the license agreement for this software can be found at www.apache.org/licenses/LICENSE-2.0.txt. 
*International Components for Unicode (ICU) Copyright (C)1995-2002 International Business Machines Corporation and others.  *Software developed by CrystalClear Software, Inc., Copyright (C)2000 CrystalClear Software, Inc. *FEAD(R) Optimizer(R) technology, Copyright Netopsystems AG, Berlin, Germany. *Outside In(R) Viewer Technology (C)1992-2001 Stellent Chicago, Inc. and/or Outside In(R) HTML Export, (C)2001 Stellent Chicago, Inc.  *Software copyrighted by Thai Open Source Software Center Ltd. and Clark Cooper, (C)1998, 1999, 2000.  *Software copyrighted by Expat maintainers.  *Software copyrighted by The Regents of the University of California, (C)1989.  *Software copyrighted by Gunnar Ritter.  *Software copyrighted by Sun Microsystems(R), Inc. (C)2003.  *Software copyrighted by Gisle Aas. (C)1995-2003.  *Software copyrighted by Michael A. Chase, (C)1999-2000.  *Software copyrighted by Neil Winton, (C)1995-1996.  *Software copyrighted by RSA Data Security, Inc., (C)1990-1992.  *Software copyrighted by Sean M. Burke, (C)1999, 2000.  *Software copyrighted by Martijn Koster, (C)1995.  *Software copyrighted by Brad Appleton, (C)1996-1999.  *Software copyrighted by Michael G. Schwern, (C)2001.  *Software copyrighted by Graham Barr, (C)1998.  *Software copyrighted by Larry Wall and Clark Cooper, (C)1998-2000.  *Software copyrighted by Frodo Looijaard, (C)1997.  *Software copyrighted by the Python Software Foundation, Copyright (C)2001, 2002, 2003. A copy of the license agreement for this software can be found at www.python.org.  *Software copyrighted by Beman Dawes, (C)1994-1999, 2002.  *Software written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G. Siek (C)1997-2000 University of Notre Dame.  *Software copyrighted by Simone Bordet & Marco Cravero, (C)2002.  *Software copyrighted by Stephen Purcell, (C)2001.  *Software developed by the Indiana University Extreme! Lab http://www.extreme.indiana.edu/).  *Software copyrighted by International Business Machines Corporation and others, (C)1995-2003.  *Software developed by the University of California, Berkeley and its contributors.  *Software developed by Ralf S. Engelschall <rse@engelschall.com> for use in the mod_ssl project (http://www.modssl.org/).  *Software copyrighted by Kevlin Henney, (C)2000-2002.  *Software copyrighted by Peter Dimov and Multi Media Ltd. (C)2001, 2002.  *Software copyrighted by David Abrahams, (C)2001, 2002. See http://www.boost.org/libs/bind/ bind.html for documentation.  *Software copyrighted by Steve Cleary, Beman Dawes, Howard Hinnant & John Maddock, (C)2000.  *Software copyrighted by Boost.org, (C)1999-2002.  *Software copyrighted by Nicolai M. Josuttis, (C)1999.  *Software copyrighted by Jeremy Siek, (C)1999-2001.  *Software copyrighted by Daryle Walker, (C)2001.  *Software copyrighted by Chuck Allison and Jeremy Siek, (C)2001, 2002. *Software copyrighted by Samuel Krempp, (C)2001. See http://www.boost.org for updates, documentation, and revision history.  *Software copyrighted by Doug Gregor (gregod@cs.rpi.edu), (C)2001, 2002.  *Software copyrighted by Cadenza New Zealand Ltd., (C)2000.  *Software copyrighted by Jens Maurer, (C)2000, 2001.  *Software copyrighted by Jaakko Jrvi (jaakko.jarvi@cs.utu.fi), (C)1999, 2000.  *Software copyrighted by Ronald Garcia, (C)2002.  *Software copyrighted by David Abrahams, Jeremy Siek, and Daryle Walker, (C)1999-2001.  *Software copyrighted by Stephen Cleary (shammah@voyager.net), (C)2000.  *Software copyrighted by Housemarque Oy 
<http:// www.housemarque.com>,(C)2001.  *Software copyrighted by Paul Moore, (C)1999.  *Software copyrighted by Dr. John Maddock, (C)1998-2002.  *Software copyrighted by Greg Colvin and Beman Dawes, (C)1998, 1999.  *Software copyrighted by Peter Dimov, (C)2001, 2002.  *Software copyrighted by Jeremy Siek and John R. Bandela, (C)2001.  *Software copyrighted by Joerg Walter and Mathias Koch, (C)2000-2002.

V3.1.2




[d1]Should "Protect Mode" also be in quotes. This is usually done to set off the name of options in the interface and the option name should appear verbatim from the interface.
[d2]Should "Protect Mode" also be in quotes. This is usually done to set off the name of options in the interface and the option name should appear verbatim from the interface.
[d3]Jason, it's easier to read when the files are in a list as opposed to sentences
[d4]I don't believe that global updating applies to patch release, but only to DAT and engine files, but you might want to verify this with the EPO team. Also, I don't know what the DAT update task has to do with patch releases. Maybe this was just left over from the last version of the file or something.
[d5]Any agent-to-server communication, such as an agent wakeup call will have the same result.
[kc6]Is this correct? What is a hash?
[kc7]Groups for what?
