US English (US)
SE Swedish
NO Norwegian
DA Danish

VIPRE Security Knowledge

English (US)

Plan the migration

Super Administrator

Written By Marissa Fegan (Super Administrator)

Updated at June 15th, 2020

After you have performed an inspection of your current environment, this article provides items to consider before beginning the migration.

Agent Deployment

You have a number of options on how to deploy agents to your endpoints with some variation between VIPRE Cloud and VIPRE Server:

Select the appropriate deployment method for each group of devices that will work best for a particular environment. Sending emailed agent download links, for example, will not work in environments where Administrator access is restricted for end users.

Competitive Agent Removal Tool (CART)

VIPRE includes a special tool that is designed to remove any potentially incompatible endpoint security products that might already be in place prior to installation of the VIPRE agent. This tool is a great time saver, reducing manual software de-installation on each individual endpoint. The tool however includes removal definitions only for recognized software; if your legacy endpoint security solution is not on the list, then software removal may need to proceed manually. You may also choose to disable the CART tool (this is done in Policy) for particularly sensitive systems or if you determine via testing that there is some incompatibility in your environment.

Agent Deployment Testing

Depending on the perceived level of risk in a given environment, you may choose to do some level of agent deployment testing on a select set of systems prior to deploying VIPRE agents more broadly across the organization. This is particularly useful if you have many systems with very similar hardware and software configurations, e.g. a "Gold Master" image that you use for most employee's systems. You may choose to do this testing only for critical server configurations or for a subset of desktops. The goal is to minimize the risk of service disruptions due to incompatibilities between VIPRE and target systems.

A typical test process might look like this:

  • Identify a set of devices that is representative of other target devices in the environment
  • Deploy the VIPRE agent to those systems
  • Verify on the test systems that:
    • The VIPRE agent installed correctly and properly cleaned up legacy security tools
    • Anti-malware scans run on the target system and properly report results back to VIPRE
    • Any important applications and utilities work as before on the target systems
    • Printing and other basic features are unaffected
  • Tune or disable any device configurations or policy settings that may cause conflicts on the tested devices (and report any discovered issues to VIPRE Support)
  • Once finished, approve the VIPRE agent for widespread deployment

There are several circumstances where conflicts occur, what follows are several examples and some remediation options:

Possible  Conflict Typical Cause Remediation Options
Business applications are placed into quarantine VIPRE may identify a business application as a threat if it matches an existing malware signature or if it performs a suspicious action. In some cases such apps are generally considered spyware, but maybe in use locally for a specific purpose. In other, very rare, cases these are true false positives. 
  • Report the false positive to VIPRE for analysis
  • Add the application to the Exclusions list for the assigned policies for the device
  • Modify your threat response settings for that class of applications to avoid quarantining such apps
CART cannot completely remove legacy antivirus products  Definitions for removing that specific product and version may not exist 
  • Verify that the specific product and version appear on the CART definition list
  • Request support for that specific version from VIPRE Support
  • Manually uninstall the legacy antivirus product
USB devices, particularly printers, stop working Conflicts between our Device Control capability, which protects endpoints from USB-based threats, and outdated operating system drivers
  • Update any OS drivers for connected devices
  • Disable the Device Control feature for affected systems

Document Deployment Plan

As you deploy VIPRE into a target environment, it is important to document your deployment plan and write down any specific customizations that you make as you go. VIPRE ships with good default policies that should serve the needs of most customers, but if and when you make customizations it's a good idea to write down what you changed and why you changed it.

As a simple example, if you decide to add a particular application to Exclusions, you should note why that app was added; if the organization in the future stops using that application, you could then remove the associated Exclusions.

 

Related Articles

ESC - Deploy Agents

In order to protect your endpoint devices, the VIPRE agent software must be insta...

Deploy the Custom Agent Installer

After creating a custom installer, you then deploy VIPRE Cloud agents to your end...

Download and Install VIPRE Endpoint Migrator

This article includes instructions to download and install the VIPRE Endpoint Mig...

Getting started with VIPRE Endpoint Migrator

To assist in your migration from Endpoint Security Server to VIPRE Cloud, we have...