Ryzal
Level 8
Message 1 of 4

How does ePO MVISION reach out to the agent in an agent wake-up call where the agent is behind a firewall

I am curious how ePO cloud is able to wake up an agent where the agent is behind a firewall and using a private IP. In network communication, ePO is on an external network and using a public IP. In waking up an agent, ePO will be trying to reach the agent and tell it that it needs to report back to ePO and grab whatever updated policy is configured at the ePO, but the agent is inside the network, where it is using a private IP.

But as I have tested, I'm curious how the ePO is able to wake up an agent behind a firewall which is separating the public and private networks. I believe it has something to do with how DXL works.

Appreciate some highlight. This is very useful for my explanation to customer and management.

Thank you.

3 Replies
cdinet
McAfee Employee
Message 2 of 4

Re: How does ePO MVISION reached out to agent in agent wake up call where the agent is behind firewa

KB90878 lists ports required for MVision.  Here are some basics for how dxl works:

If the DXL Client for ePO extension is checked in and there is a DXL broker + DXL client deployed then the wakeup will be sent via DXL fabric.
 
The DXL Client for ePO connects Tomcat to the fabric and sends a DXL message. The broker broadcasts the message, the DXL client (with its persistent connection with the broker) responds to the message, and the DXL client pokes MA and tells it to check in with ePO.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
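
The flow described in the reply above, as a simplified model added here (not McAfee code and not the DXL wire protocol): the endpoint dials out and holds the connection, and the broker pushes the wake-up back down it. The `WAKEUP`/`ACK` messages, the function names and the localhost address are assumptions made for illustration.

```python
import socket
import threading

def wake_up_round_trip(timeout=5.0):
    """Simulate one wake-up and return the ordered list of events."""
    events = []
    # Broker: the only side that listens. 127.0.0.1 stands in for its
    # reachable address; the port is picked by the OS (constructed setup).
    broker = socket.create_server(("127.0.0.1", 0))
    broker.settimeout(timeout)
    held_open = threading.Event()

    def dxl_client():
        # Endpoint side: dials OUT to the broker and keeps the socket open.
        # It never binds or listens, so no inbound firewall/NAT rule is needed.
        with socket.create_connection(broker.getsockname(), timeout=timeout) as s:
            events.append("client: outbound connection to broker held open")
            held_open.set()
            if s.recv(64) == b"WAKEUP\n":  # blocks until the broker pushes
                events.append("client: wake-up arrived on the existing connection")
                events.append("agent: told to check in with ePO")
                s.sendall(b"ACK\n")

    worker = threading.Thread(target=dxl_client)
    worker.start()
    conn, _client_addr = broker.accept()
    conn.settimeout(timeout)
    try:
        held_open.wait(timeout)
        # The wake-up travels back down the connection the client opened;
        # the broker never dials the endpoint's private address.
        events.append("broker: wake-up pushed down the client's connection")
        conn.sendall(b"WAKEUP\n")
        events.append("broker: got " + conn.recv(64).decode().strip())
    finally:
        conn.close()
        broker.close()
        worker.join(timeout)
    return events

if __name__ == "__main__":
    for line in wake_up_round_trip():
        print(line)
```

On the firewall, this corresponds to allowing only outbound traffic from the endpoints to the broker, with no inbound rule toward the private network.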

Re: How does ePO MVISION reached out to agent in agent wake up call where the agent is behind firewa

Hi, thanks for the reply.
When you said persistent connection with the broker, do you mean that the DXL client and the DXL broker at the cloud are always communicating with each other, like a keep-alive message between the 2 components?
Can you describe more what you meant when you said "connects tomcat to the fabric"?

Thanks.
cdinet
McAfee Employee
Message 4 of 4

Re: How does ePO MVISION reached out to agent in agent wake up call where the agent is behind firewa

The clients only connect via DXL when there are messages sent, which can be during ASCI or other types, and frequency can depend on a lot of things. This might give you a little info on the DXL fabric. It is basically the DXL backbone where everything is connected.

The DXL fabric - McAfee Data Exchange Layer 5.0.x

 
