EPO configuration advice

All right, sock it to me. I have a task to configure Epolicy Orchestrator again. Did it once, but fumbled through it.

These are things I have to do:
1) edit the repository lists and make all computers get their dats from the EPO server (we call it the SecServer)
2) schedule scans three times a week.
3) Allow FixCCS.exe from being blocked (I figured this one out)
4) Alert my email account ABC@DEF.gov  (yes, catch that one web spiders and spam the heck out of it)

Other suggestions are going to be taken into serious consideration.
Any white papers are appreciated.

Thanks

John
LVL 39
ChiefITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

legalsrlCommented:
OK, piece of cake....

1.  Deploy the ePO Agents to the clients from within ePO, that way they will automatically update from the Sec Server
2.  Create an On Demand Scan Task from within ePO to scan your machines on the dates/times you want
3.  You've already done this
4.  Set up Notification on each detection to send you an email
5.  Read this Evaluation Guide attached

Let me know if you need anything else
Cheers
Si

epo-400-eval-guide-en-us.pdf
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ChiefITAuthor Commented:
excellent white paper.

This is much easier than I thought.

Do you have any other recommendations that I might look into for my domain???
__________________________________________________
By the way, you might find this important to you:
Allow FixCCS.exe from being blocked (I figured this one out)

Windows XP has released SP3. In that Service pack there is a file called FixCCS.exe that is prevented from running. That stands for Fix Current Control Set. This executable file does about 8800 registry edits to your current control set. Without it, your Service pack 3 doesn't work well, and you end up with serious problems to your OS. I had to prevent McAfee from blocking that file.
0
legalsrlCommented:
Interesting point, but why is FixCCS blocked ?

I've never come across it being blocked in the x many hundred installs I've done over the past year.....what's different your end ?

I can quite happily provide you with recommendations for products for your domain, but they would be purely with a technical bias....i.e. they are the best product for the job.....I don't get involved with the costings ! So what are you looking for ?

Cheers
Si
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

ChiefITAuthor Commented:
FixCCS runs from a temp file and makes a bunch of registry edits. On Access scanner blocks both, unless you premit it.

I am looking for better ways to imrove EPO to make it work at peak performance. I am also considering McAfee Antispyware that goes with this enterprise package of AV console. Will EPO administer that as well? It appears like it will.
0
legalsrlCommented:
OK, gotcha, sounds like you might have a misconfiguration on the Access Protection policies in VSE......I wouldn't prevent things running from the temp folder, and only set it to report, not block

McAfee AS can also be configured through ePO, in fact any McAfee product should be able to be configured from within ePO, including appliances

Cheers
Si
0
ChiefITAuthor Commented:
Just what the doctor ordered, THANKS!!!
0
ChiefITAuthor Commented:
Thanks, just what I was looking for!!

You provided a white paper to help me configure it, you gave me information on how to configure AS console and also provided answers to my direct questions on what I wanted to do.

So, all in all, that was perfect advice.
0
legalsrlCommented:
Thank you very much, if there's anything else you need just let me know, cheers Si
0
Robert_ITCommented:
Setup EPO???

Major missing components that everyone misses besides reading the manuals, is creating internal documentation, polices, and all those AV exclusions. Toss EPO into your environment and your servers can easily stop talking if they have any unique requirements.

I didn't hear much in the way of recommending testing either, what gives with you guys!
0
Robert_ITCommented:
Legalsrl,

Here's something I posted on the McAfee forums to help with the exclusions I mentioned. I also created an Excel spreadsheet to document all the setting for version 4.0. McAfee EPO can easily become an undocumented nightmare if your not careful.

http://community.mcafee.com/showthread.php?t=229802
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.