I deployed EEGO on PCs. After EEGO, I see in the EEGO report a lot of non-compliance regarding the data channel. Can I use "Ping Machine using Data Channels" to check the data channel connections? What would be the effect of pinging the machine using the data channel, and what result should be expected? Do you have an idea? Thanks
Thanks Mat. Can I find in MfeEpe.log the reason why the data channel is non-compliant? For example, that port 8081 is blocked, or another reason? The McAfee agent with AV is working correctly on the host with the problematic data channel. Thanks
Not sure if you saw this section of the KB article that I posted:
Endpoint Encryption Test Failures
This monitor lists the number of test failures in the environment. If a system is represented in this monitor, then it will have a status of "Failed" in the Endpoint Encryption Go Compliance monitor.
Data Channel (Client to Server)
This indicates if the client was able to initiate a data channel connection to the ePO server. This might fail if the endpoint has no network connection, or if the ePO server was down or too busy to receive connections. Remember that this test failure may occur after EEPC has been successfully deployed to the system. EE Go continues running its checks even if they have been previously successful or if EEPC is already installed and active.
Data Channel (Server to Client)
This indicates if the client received a response from the server within the 30 minute window that it waits. This is the most common failure that we see because systems are often times off the corporate network and connected to an access point that does network address translation, making it impossible for ePO to initiate a session with the client. This situation usually remedies itself by the end user simply connecting to the corporate network or connecting via VPN. Again, this may not indicate an actual problem because the system could have passed the test previously but cannot pass the test again in its current state. Given the nature of the test, we actually expect to see failures in the real world (unless users are always connected to the network or connected via VPN).
EEPC GO reports its status through the McAfee Agent ASCI.
| Default Port | Protocol | Traffic direction |
|---|---|---|
| 80 | TCP | Outbound connection to the ePO server/Agent Handler |
| 443 | TCP | Outbound connection to the ePO server/Agent Handler |
| 8081 | TCP | Inbound connection from the ePO server/Agent Handler. If the agent is a SuperAgent repository then inbound connection from other McAfee Agents. |
| 8082 | UDP | Inbound connection to Agents. Inbound/Outbound connection from/to SuperAgents |
Thanks. If I understand correctly, the McAfee agent and the Endpoint Encryption agent use the same ports, but communication between the Endpoint Encryption agent and ePO is called "Data Channel communication", and Data Channel communication is only for encryption purposes, like backing up the encryption key. Is that correct?
I wouldn't say that they use the same ports, but my understanding is that EEPC Go communicates to the agent, then the agent passes the information along to ePO. ePO will reach out to try and initiate communication with the agent periodically, and if the computer is not reachable then EEPC Go will report a failure. I'm not 100% positive that this is how it works, but it is what seems to me that the KB article is saying and what seems to be happening.
So in this instance if you have any desktops with EEPC Go on them then they would likely not report a data channel failure but if you have laptops it will report a failure when the laptop is off the network for some time.