?
Solved

EPO configuration advice

Posted on 2009-07-16
10
Medium Priority
?
1,070 Views
Last Modified: 2013-12-09
All right, sock it to me. I have a task to configure Epolicy Orchestrator again. Did it once, but fumbled through it.

These are things I have to do:
1) edit the repository lists and make all computers get their dats from the EPO server (we call it the SecServer)
2) schedule scans three times a week.
3) Allow FixCCS.exe from being blocked (I figured this one out)
4) Alert my email account ABC@DEF.gov  (yes, catch that one web spiders and spam the heck out of it)

Other suggestions are going to be taken into serious consideration.
Any white papers are appreciated.

Thanks

John
0
Comment
Question by:ChiefIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
10 Comments
 
LVL 16

Accepted Solution

by:
legalsrl earned 2000 total points
ID: 24876576
OK, piece of cake....

1.  Deploy the ePO Agents to the clients from within ePO, that way they will automatically update from the Sec Server
2.  Create an On Demand Scan Task from within ePO to scan your machines on the dates/times you want
3.  You've already done this
4.  Set up Notification on each detection to send you an email
5.  Read this Evaluation Guide attached

Let me know if you need anything else
Cheers
Si

epo-400-eval-guide-en-us.pdf
0
 
LVL 39

Author Comment

by:ChiefIT
ID: 24880108
excellent white paper.

This is much easier than I thought.

Do you have any other recommendations that I might look into for my domain???
__________________________________________________
By the way, you might find this important to you:
Allow FixCCS.exe from being blocked (I figured this one out)

Windows XP has released SP3. In that Service pack there is a file called FixCCS.exe that is prevented from running. That stands for Fix Current Control Set. This executable file does about 8800 registry edits to your current control set. Without it, your Service pack 3 doesn't work well, and you end up with serious problems to your OS. I had to prevent McAfee from blocking that file.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 24882190
Interesting point, but why is FixCCS blocked ?

I've never come across it being blocked in the x many hundred installs I've done over the past year.....what's different your end ?

I can quite happily provide you with recommendations for products for your domain, but they would be purely with a technical bias....i.e. they are the best product for the job.....I don't get involved with the costings ! So what are you looking for ?

Cheers
Si
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 39

Author Comment

by:ChiefIT
ID: 24883295
FixCCS runs from a temp file and makes a bunch of registry edits. On Access scanner blocks both, unless you premit it.

I am looking for better ways to imrove EPO to make it work at peak performance. I am also considering McAfee Antispyware that goes with this enterprise package of AV console. Will EPO administer that as well? It appears like it will.
0
 
LVL 16

Assisted Solution

by:legalsrl
legalsrl earned 2000 total points
ID: 24885306
OK, gotcha, sounds like you might have a misconfiguration on the Access Protection policies in VSE......I wouldn't prevent things running from the temp folder, and only set it to report, not block

McAfee AS can also be configured through ePO, in fact any McAfee product should be able to be configured from within ePO, including appliances

Cheers
Si
0
 
LVL 39

Author Closing Comment

by:ChiefIT
ID: 31604313
Just what the doctor ordered, THANKS!!!
0
 
LVL 39

Author Comment

by:ChiefIT
ID: 24886180
Thanks, just what I was looking for!!

You provided a white paper to help me configure it, you gave me information on how to configure AS console and also provided answers to my direct questions on what I wanted to do.

So, all in all, that was perfect advice.
0
 
LVL 16

Expert Comment

by:legalsrl
ID: 24886213
Thank you very much, if there's anything else you need just let me know, cheers Si
0
 
LVL 2

Expert Comment

by:Robert_IT
ID: 24993789
Setup EPO???

Major missing components that everyone misses besides reading the manuals, is creating internal documentation, polices, and all those AV exclusions. Toss EPO into your environment and your servers can easily stop talking if they have any unique requirements.

I didn't hear much in the way of recommending testing either, what gives with you guys!
0
 
LVL 2

Expert Comment

by:Robert_IT
ID: 24993803
Legalsrl,

Here's something I posted on the McAfee forums to help with the exclusions I mentioned. I also created an Excel spreadsheet to document all the setting for version 4.0. McAfee EPO can easily become an undocumented nightmare if your not careful.

http://community.mcafee.com/showthread.php?t=229802
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question