Showing results for 
Search instead for 
Did you mean: 
Level 7

ePO Agent SSL communication only


I'm a bit puzzled at what is communicated in various topics on the ePO agent and it's SSL support.

I'm asked to look into removing all unencrypted data transfers from the Mcafee Agents to the server.

Agent 4.5 and higher are default using SSL over port 443 (which is fine and does not need to change)

but some topics say that port 80 HTTP needs to be open for updates while other topics mention

definition updates work fine over port 443 except patches.

Hence my question:

Can port 80 be dissabled on the server and clients when they use ePO & Agent 4.6?

If the answer is no, which traffic keeps using port 80?

redirecting port 80 to 443 is no option as you can only have 1 listner on the port

and it will be unencrypted still.

I know these questions have been asked before, but answers where inconclusive

at best....

4 Replies
Level 9

Re: ePO Agent SSL communication only

I am also curious about the answer to this question. Can we close off port 80 on the Windows firewall all together and have it use 443?

0 Kudos
Level 7

Re: ePO Agent SSL communication only

Port 443 is used for communication between agents and ePO console (clients become "managed" in ePO).

Port 80 is used for VSE to pull updates (DAT) from ePO console/SuperAgent(repository).

Port 8081 is needed if your clients will pull updates from a SuperAgent(repository)

0 Kudos
Level 16

Re: ePO Agent SSL communication only

There would also be another problem if you close port 80, and it's that the ePO's Apache Server won't start anymore

0 Kudos
Level 12

Re: ePO Agent SSL communication only

i was under the impression that agent to server communication happens by default over 443, but if the ASCI fails, it would default to 80.

0 Kudos