Best practices when using SCCM to deploy RSA DLP Endpoint Agent software updates
Originally Published: 2015-12-02
Article Number
Applies To
RSA Product/Service Type: Endpoint
RSA Version/Condition: 9.6 SP2
Platform: Windows
O/S Version: 2008 Server R2 x64
Issue
If the tool is configured to use a numerical comparison, this behavior could result in the Agent Software most recent version being replaced with an older version of DLP Endpoint.
(Tip: If the 3rd Party tool does a complete uninstall, the agent will send message to the EM stating to change status to decommissioned after the software is updated.)
For Example:
Base version of P3 is labeled: 9.6.1203.14
The 9.6 SP2 P3 HF2 is labeled as 9.6.1203.12002
The 9.6 SP2 P3 HF2 is labeled as 9.6.1203.12002
SCCM configured to use numerical comparison and it assumes the base version is newer than the HF.
It will proceed to uninstall the HF version and re-install the base.
Resolution
Related Articles
Best practices for using Data Access Governance (DAG) in RSA Identity Governance & Lifecycle Number of Views RSA response to Fox-IT report and Best Practices for RSA SecurID Number of Views RSA SecurID Authentication Engine Security Best Practices Guide (Japanese) Number of Views Best practices for RSA Authentication Manager 8.x Number of Views Best Practices to Mitigate Password-Spraying Attacks Number of Views
Trending Articles
Troubleshooting RSA SecurID Access Identity Router to RSA Authentication Manager test connection failures RSA SecurID Software Token 5.0.2 Downloads for Microsoft Windows RSA Authentication Manager 8.9 Release Notes (January 2026) Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.8 Setup and Configuration Guide
Don't see what you're looking for?
