cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
j.hawes
Level 9
Report Inappropriate Content
Message 1 of 4

Creation of internal repository (ePO 5.10.)

Jump to solution

ePO is a wonderful tool! I can schedule automated pulls of updated packages directly from a repository to keep my ePO servers up to date. Unfortunately, my ePO servers are in air-gapped networks, and require constant maintenance to keep the available products up to date.  This became an issue when I went out for surgery. 

I would like to know how to set up a web repository, internal to our networks, where new and updated products can be pulled, by the various ePO servers, to keep them updated.

DATs we don't have a problem with.  I have a VERY simple to follow internal Wiki article which takes even the new folks through pulling down the v3 DAT files, and the loading them into the four (4) individual servers.  I would like to automate this somehow.

Any thoughts on how this can be automated?

McAfee ePolicy Orchestrator 

1 Solution

Accepted Solutions
cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Creation of internal repository (ePO 5.10.)

Jump to solution

There really is no way other than using a non-airgapped epo server to pull content and where you can check in point products from software catalog.  You would open port 443/80 basically from the air gapped epo to the non-air gapped.  Then, follow KB82581 to share keys so you can use that epo server as a source site for pulls.  I don't believe it would pull the point products (content only), it would only give you the option to download them so they can be checked into the air gapped system.  

If you don't want to open ports up from the epo server to the internet accessible epo, you can set up one system that has no other function and use that to set up a mirror task.  That pulls content from the McAfee site and stores it in the mirror location.  That can then be used as a source repository location for content updates by your internal epo server.

Either way you set it up, any point product updates would still need to be checked in manually, but at least that is not a daily necessity.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

3 Replies
cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Creation of internal repository (ePO 5.10.)

Jump to solution

There really is no way other than using a non-airgapped epo server to pull content and where you can check in point products from software catalog.  You would open port 443/80 basically from the air gapped epo to the non-air gapped.  Then, follow KB82581 to share keys so you can use that epo server as a source site for pulls.  I don't believe it would pull the point products (content only), it would only give you the option to download them so they can be checked into the air gapped system.  

If you don't want to open ports up from the epo server to the internet accessible epo, you can set up one system that has no other function and use that to set up a mirror task.  That pulls content from the McAfee site and stores it in the mirror location.  That can then be used as a source repository location for content updates by your internal epo server.

Either way you set it up, any point product updates would still need to be checked in manually, but at least that is not a daily necessity.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

j.hawes
Level 9
Report Inappropriate Content
Message 3 of 4

Re: Creation of internal repository (ePO 5.10.)

Jump to solution
This is sort of what I thought, but decided to ask anyway. In our network it isn't a matter of logical separation as much as physical separation. With four separate networks to maintain, I would have been nice to have the "mirror", but I understand that each package would have to be checked in separately.
Thank you for such a rapid answer.
cdinet
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Creation of internal repository (ePO 5.10.)

Jump to solution

Yea, that makes it a little difficult.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community