Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 3

Ensuring ePO deploys to all PCs/Laptops

Good morning,

We have ran ePO for several years but the original server was set up with mostly default options and wasn't maintained. Due to colleagues leaving the organisation I have adopted ePO and the management of it. Earlier this year we deployed a new server with the latest version of ePO and started to migrate clients over to this ePO server. The previous server is still in place and is still managing some clients. Ideally I want to get everything moved over to the new server so we can decommission the old one.

I'm looking for some advice to ensure the new server is capturing existing and new clients and installing the agent as well as ENS.

We currently have a server task configured which searches for any unmanaged systems with the 'DT' and 'LT' tag (desktop and laptop) and attempts to deploy the agent. We also have a continous deployment setup in the product deployment section which attempts to push Endpoint Security Threat Prevention, Endpoint Security Firewall & Endpoint Security Platform to anything with the DT and LT tag.

Is this the best way to go about it?

The only thing I'm then worried about is new systems. We have AD Sync on but I'm not sure if anything is being automatically tagged with 'DT' or 'LT' (or if this is even possible?)

Any help/advice or tips and tricks would be much appreciated, as I'm still finding my way round the product!

Thanks in advance.


2 Replies
Level 8
Report Inappropriate Content
Message 2 of 3

Re: Ensuring ePO deploys to all PCs/Laptops

This sounds like a case for Rogue System Detection.

If you schedule an hourly check for new rogues and deploy mcafee agent as a response to that task you should be ok.

Then schedule an hourly task to deploy your chosen av software and you should be set, no machine will be able to be on your network for more than 2 hours at most before it has av on it.

Former Member
Not applicable
Report Inappropriate Content
Message 3 of 3

Re: Ensuring ePO deploys to all PCs/Laptops

​, Welcome to McAfee community.

This is a common scenario. First thing you should do is "register" each server on the other one. You will have to export/import keys. ​What this will allow is to "transfer" your - systems, policies, tasks, tags etc from OLD server to the new one with click of a button. Once you've transferred all systems, keep the old server up for some time to see whether some agents are still connected to it.

Existing clients can be "transferred" to new ePO after registering as mentioned above. OR you can install McAfee agent on these systems which will then communicate with new EPO.

New clients - Setup RSD as mentioned by ​ above. Highly active servers such as DNS, DHCP, DCs are good candidates. As always, test for any adverse performance impact. You can create custom "Query" based server tasks that will target "unamanged" systems and will try to deploy agents on them. I'm assuming your systems are domain joined, which will make the deployment process easy. In addition, you can provide your technicians the McAfee agent package to be baked on their system image. This way when machines are given to users, they will already have McAfee agent (and other packages such as ENS).

You can most certainly apply tags automatically. It depends on few things. For example, if your laptops and desktops are in different containers in AD, within McAfee ePO, you can configure your systems folder to apply those tags. If your systems have certain naming conventions (ie - name begins with "DT" or "LT" prefix) you can apply tags as needed.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community