cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

DAT file deployment schedule - Best practices

Hi,

I'm looking at the McAfee best practices for DAT deployment on my workstations. I asked the question to McAfee and their recommendation is to schedule a task at 3pm and another one at the user "logon". I'm wondering if it would be better to have only one task at 3pm with the option to repeat every hours.

I'm not sure if it make sense and I would like to have your feedback.

Thanks.

10 Replies
Highlighted
Former Member
Not applicable
Report Inappropriate Content
Message 2 of 11

Re: DAT file deployment schedule - Best practices

stephane,

You want to have one at login as well, I set the policy to run the update 10-15 minutes after the user logs in.  This catches folks who have been out of the office or left their system turned off.  I also have a policy set for the system to call home to ePO if it hasn't communicated in 24 hours.

You should have an emergency DAT distribution set up, but disabled.  I've used it once in five years, and the bad DAT detection caught most of the bad DATS.

HTH,

DocB

Highlighted

Re: DAT file deployment schedule - Best practices

Hello DocB,

Thank you very much for your recommendation. I will definitely add a validation at login like you did. I'm sorry but I'm not sure to understand your comment on "The system to call home to ePO" ? Can you explain more in details.

Have a great day.

Highlighted
Former Member
Not applicable
Report Inappropriate Content
Message 4 of 11

Re: DAT file deployment schedule - Best practices

stephane,

You can set a parameter for the Agent to call into the ePO server if it hasn't communicated with the server within a certain period of time.  This way it gets any changed policies, new or updated client tasks, or other changed ePO parameters.  I use 24 hours, others may use longer or shorter time periods as their situation permits or requires.

HTH,

DocB

Highlighted

Re: DAT file deployment schedule - Best practices

Thanks DocB.

You help has been much appreciated.

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 6 of 11

Re: DAT file deployment schedule - Best practices

Hi

You can set it up for 3pm but keep in mind daily DATs are released slightly after 4pm. That means your clients are nearly 1 day behind. Many people choose to delay DAT updates by 1 day for servers but workstations get update right away or just few hours after they are released. This can be done in two ways. One is simply configuring policies to use "previous" branch for dat update OR time the scheduled task cleverly. Also since DATs are released once a day, deploying it every hour can cause unnecessary bandwidth usage. Scheduling requires understanding of your environment. Are systems shut down at the end of the day? What's the earliest hour users start using their systems? How can you target and achieve the maximum systems? You may consider different schedule for different office locations.

Some good FYI materials:

FAQs for V2 DAT files

McAfee VirusScan Enterprise 8.8 Best Practices Guide

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 7 of 11

Re: DAT file deployment schedule - Best practices

Also, depending on the environment - you may consider the option for "

If this information was helpful or has answered your question, please select Accept as Solution. This will assist other memebers
Highlighted

Re: DAT file deployment schedule - Best practices

Thanks guys,

It seems that my issue is for some computers only, they don't pull the DAT update. At this time, I have two client tasks assigned, one in the morning at 7ham and the other one at the evening at 9pm. This has been configured by someone else. I would like to change these schedules because they are not optimal. (even with the option "Run missed task 10 minute delay". I think that this option doesn't work sometimes. I've taken a look at few computers in the agent log and can't see any entry about the DAT validation after this 10 minutes. (computers with the issue of course)

The majority of the systems are not shut down at the end of the day. We have a lot of laptop traveling from home to the office. Those laptops use the VPN to connect on the business network remotely so they have access to the ePO server all the time.

Our users starts working around 9h am to 5h pm. The randomization is a good option and I will use it in the new schedule. Yes, the idea to run a query for the workstation online and not up to date every hour is too extensive. If my new schedules works fine, I think I won't need it anymore.

Thanks again guys.

Highlighted
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 9 of 11

Re: DAT file deployment schedule - Best practices

I have used the following task with much success:

Schedule type: Daily

Start time: 12AM

Run at that time, and then repeat until: 11:59PM

During repeat, start task every: 1hr

Enable randomization: 1hr

Run missed task: 5 minutes

Also, under CMA/General Policy - Agent-server communication: Initiate agent-to-server communication within 10 minutes after startup if policies are older than (days): 1 and enable Retrieve all system and product properties (recommended). If unchecked retrieve only a subset of properties.

If this information was helpful or has answered your question, please select Accept as Solution. This will assist other memebers
Highlighted

Re: DAT file deployment schedule - Best practices

Thanks for sharing your configuration Tao,

That make sense also. I will think about it.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community