The dream vs reality - or - why doesn't any of this stuff work?

[NFXBeats]

Bought MBAM Business to use in a 25 workstation shop. My environment is a mix of XP and Win 7 boxes with a few servers (2003-2012) in the mix.  My dream was to have all 25 workstations running MBAM within a day. Install the manager, push it all out and done. Unfortunately reality has set in.

 

The problems are many.

 

No matter what, the scanning engine rarely  finds a WORKSTATION. it does however see most of the servers.

 

On the workstations or servers it does find, it cannot communicate with them. Any attempt to do so will hang the console for a minute or two and then show a message that it can't communicate with the management server. 

 

I tried making a ClientInstall.exe but it does not install Anti0-Malware even though I explicitly told it to include it.

 

In short, I can install the server and console but nothing else works.

 

I understand there is apparently some voodoo required to open ports and give permissions, etc.. I cannot find any useful resources pertaining to this. For example, where can I find the explicit directions to enable DTC properly on the management server and clients? Firewall?

 

Where are the helper utilities to install the required .NET libs, and set up libraries, etc? Do you guys have anything like this? I feel like I have to be an MSCE to use your product!

 

I really would hope you have such things to provide to your customers.

 

I have yet to find anything that makes me feel good about this purchase. Please direct me to useful technical steps to diagnose my environment so it can work with your software.

 

 

 

[gonzo]

Have you read the Best Practices Guide?  It would tell you a lot of the information that you need.  There are also Admin Guides for Management Console, Anti-Malware and Anti-Exploit.  By the way, Anti-Malware client is not designed to be installed on a server.  You might try opening up a support ticket.  Very few forum users are even familiar with the business products.

[NFXBeats]

I finally got an XP workstation to be visible and I pushed the install. It installed anti-exploit, did not install anti-malware even though it was supposed to.  Then it killed the management server so I could do nothing else until I reboot the darn server.

 

Is there no stop/start/restart option for the server? Jeez this product feels like it's alpha. What is supposed to save me time has ended up costing a lot more.

[NFXBeats]

Have you read the Best Practices Guide?  It would tell you a lot of the information that you need.  There are also Admin Guides for Management Console, Anti-Malware and Anti-Exploit.  By the way, Anti-Malware client is not designed to be installed on a server.  You might try opening up a support ticket.  Very few forum users are even familiar with the business products.

 

I did open a ticket. As I said.. my experience has been very poor. 

[Lazz]

Hi NFXBeats,

 

In the Admin guide it lists some prerequisites for push installing.  Please make sure you are meeting these requirements:

 

- Make sure the necessary ports are open for inbound/outbound (Default in setup is 443 for server, 18457 for client, and 137 for NetBIOS)

- NetBIOS is enabled on client machines

- File sharing is enabled on client machines

- Make sure to be pushing with Domain Admin credentials

- Make sure .NET Framework 3.5 is installed

 

After verifying the above, please try pushing again.  If it still does not, try checking the WMI option when pushing.

 

If it is still not pushing, please tell me what errors are showing up in the admin console.

[NFXBeats]

 

Hi NFXBeats,

 

In the Admin guide it lists some prerequisites for push installing.  Please make sure you are meeting these requirements:

 

- Make sure the necessary ports are open for inbound/outbound (Default in setup is 443 for server, 18457 for client, and 137 for NetBIOS)

- NetBIOS is enabled on client machines

- File sharing is enabled on client machines

- Make sure to be pushing with Domain Admin credentials

- Make sure .NET Framework 3.5 is installed

 

After verifying the above, please try pushing again.  If it still does not, try checking the WMI option when pushing.

 

If it is still not pushing, please tell me what errors are showing up in the admin console.

 

 

I finally got an XP box to be seen. I pushed the install and it looked as though it was working.

 

It installed Anti-Exploit on the XP machine and then hung for a few minutes before giving the error: 

 

see the screenshots here: http://imgur.com/a/5F1ao

[gonzo]

When I look at your screenshots, I have three questions to start with:

• What operating system are you running Management Console on? It appears to be an unsupported operating system.
• Have you noticed the certificate error at the bottom of the screen?  That would disable the ability for the console and server to communicate with each other over HTTPS.
• Have you looked at the Best Practices Guide yet?

I have installed servers, local consoles, remote consoles and clients dozens of times and have not run into any of the issues you are showing here.  So far, all of the problems appear to be related to pre-requisites not being met. 

[NFXBeats]

I have read the best practices guide and did not see the requirements for OS.  I assumed a modern server would suffice so I used Windows server 2012. I can down grade to 2008 or even 2003 if it means I wont have the problems.

 

As for the certificate issue, I thought that since you guys force fed installed IIS 7.5 Express, you would have set that all up. Do I need to purchase my own SSL certificate?

 

I followed the steps in 10.5 and got one XP machine to be seen. It pushed Anti-Exploit but not Anti-Malware. So it apparently was communicating fine for a minute and then it all crashed. Why does the server (machine) need to be rebooted everytime? This only adds to the frustration of dealing with what feels like an incomplete program.

 

You guys might want to go the extra mile and at least make a script or small program to check/set the group policies and firewall settings and certificates and OS requirements for your customers. At the very least it will help us to know what port we forgot to open or what local policy we didn't set. 

[NFXBeats]

http://imgur.com/4e4e9OJ shows where the https icon is green. I got it to install ONLY anti-malware. It worked. 

 

I then told the console to update the client to the latest library version and it hung for a couple of minutes and gave me the same error I have been seeing the whole time.

 

I'm off to find an old Server 2008 DVD... The fun continues.

[gonzo]

NFXBeats,

 

Server 2012 is fine.  The window style looked like Windows 7, which is why I made that comment.  People often install Management Console on Win7 because they can...not because it will work properly.  We install a dummy cert when we install IIS Express, but the status bar on your screenshot showed certificate issues indicating an abnormal issue.  You do NOT need to buy a cert.  XP has setup requirements that go above and beyond Win7 and Vista.  You may be running into one of those.  As far as rebooting server, I have never needed to unless I chose to.  I have never had the server or the console crash either.  Without seeing any data, I would guess (and yes, its strictly a guess) that there's a .NET issue at play.

 

Is your most recent screenshot showing the console unable to connect to the server current, or older (before you made any changes)?  I do not see a cert issue there any longer, but something is still disallowing connection.  Is the console and the server on the same machine, or are you running console from another box?  If different, possibly the same cert not being present on the second box could still disallow HTTPS while the server would no longer show a cert issue.

 

You made a good suggestion about the script...I will pass that one along.  There would be several permutations needed for it to work, but the concept is good.

 

Finally, your last email said you were updating the client to the latest library version.....please define "library version."  I'm not sure what you mean there.

[NFXBeats]

By latest library, I meant I told the console to update the libraries on the client. It started and hung and errored.

 

I installed server 2008 and installed the MBAM server on it. I had much better experience. It saw all of my Windows 7 machine and XP machines. 

 

I got it to push install on several machines. but lo and behold somewhere in the middle of it the darn errors again. See http://i.imgur.com/10nM9Co.png

 

You can clearly see it installed on many workstations before the error happened.

 

This is so frustrating because I need to reboot the entire server everytime this message appears. Is there no better way to restart the service? Why is it so fickle? 

[NFXBeats]

Yet again: http://i.imgur.com/6GcxN7w.png

 

You can see the lock is green. I was attempting to install onto the client. It was an XP box and the scan indicated everything was good to go (grey shield).

 

Time to reboot the server again....

[Lazz]

That is an interesting error.  What is the ticket number for the ticket you have submitted?  I would like to collect some server logs and take a closer look at this.

[NFXBeats]

Slightly different error whenever I try to send a command to a client. See: http://i.imgur.com/5ugxPue.png

Weird thing is installing worked fine for this client. 

 

It's like I'm going from one error to another. I'm making progress but slowly. I really hope my investment in time to get this thing working is worth it.

[Lazz]

Hello again.

 

Do you have that ticket number so we can look into this further?

[NFXBeats]

The support email from Jeff L. did not have a ticket number associated with it. I have just  replied to it and attached my logs. Can you get it from him?

[gonzo]

Jeff L. and Lazz are one and the same.  Because you have reached a point where specialized troubleshooting would be more valuable in solving your issue, he will be handling this via your open Technical Support ticket.  I'm glad your issue is progressing, but there's still several questions to be answered.  Jeff will be able to help you more efficiently than the forums can.  It may not seem like it yet, but you are making ground!

[Lazz]

Also just to double-check:  I sent you an e-mail on Monday when you submitted a ticket.  Did you not receive this response?