Solved

McAfee EPO 4.6, updates failed

Posted on 2014-03-22
1
3,665 Views
Last Modified: 2014-03-27
Dear All,

I'm new to McAfee EPO & have trouble as end-users machine auto update says "updated failed"

EPO version is 4.6
McAfee Agent 4.8
VSE 8.8 Patch 1 or Patch 4

We have some superagent servers, the machines in the particular location tries to contact superagent servers and it says "Valid repository not found" when I do a update. If i check the Mcscript logs, it says the catalog version is not upto-date. There are also other errors, that says connecting to a particular ip & it fails. However, on the auto-repository list if i i place a check mark other than repository server to connect to internet, it downloads successfully (after manually changing proxy on McAfee Agent itself). I do not understand few things as why does Superagent servers catalogs are not upto date. Is my understanding is right that superagent servers gets updates from central EPO server, which then passes to end-devices at respective location? Also as per the agent settings, it has to use internet explorer proxy, but why it didn't connect to internet unless i manually went &changed the proxy to match that in IE? Why it didn't take IE settings?

What is the other way of getting updates from super agent server? Is there a way to mention UNC path on superagent servers so if primary method fails, it can contact secondary?
0
Comment
Question by:basraj
1 Comment
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 39950123
The guide will really help to understand the agent better, but also lengthy to go all round reading it. We have to understand some key objectives (pardon me for being "naggy")

- SuperAgent is guaranteed to only store content required by the agents assigned to it because it does not pull any content from the McAfee ePO server until requested from a client. While the SuperAgent is retrieving content from the Master Repository, client system requests for that content will be paused.

- Agents configured to use the SuperAgent as their repository will receive the content cached in the SuperAgent repository instead of directly from the McAfee ePO server. If the SuperAgent is reconfigured to use a new repository, the cache is updated to reflect the new repository.

- When a SuperAgent receives a request for content that might be outdated, the SuperAgent attempts to contact the McAfee ePO server and other sites listed in Sitelist.xml to see if new content is available. If the connection attempts time out, the SuperAgent will distribute content from its own repository instead. This is done to ensure the requester receives content even if that content might be outdated.

http://www.mcafee.com/us/resources/misc/guides/ms-mcafee-agent-product-guide.pdf

Coming back to the issue "Valid repository not found" which is the key one and I assume the Superagent has found the cache invalid and refreshing to the configured site server to get the update, some checks to further isolate

- SiteStat.xml is the first file the update process looks for. SiteStat.xml is used to validate that the repository is correct and updated. Proxy servers such as Microsoft ISA Server often require authentication. By default, VSE attempts to use Internet Explorer proxy settings. However, this is sometimes insufficient.

> Need to check IE proxy which I supposed you already done that. Use the most recent version of IE because certain IE dynamic link libraries are required for the update process. McAfee suggested IE8 above

> Need to check McAfee update side on Proxy settings in the Repository menu. There is need to have a valid account too.

If the xml file is not present or has a status of Disabled, the attempt to the next possible repository on the list proceeds. If we met with error and factor may be
a) likely it cannot connect or in the midst of replication e.g. status gets changed to Disabled to protect file integrity to ensure a matched set of files; or
b) file get corrupted or changed with non reachable new sites (that are not tested and verified in past); or
c) the site does not have latest catalog version e.g. ePO sent the CatalogVersion that is older compared to agent existing version
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
How important is it to take extra precautions to protect your online business? These are some steps you can take to make sure you're free of any cyber crime.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now