So, long story short, all our Laptops are not managed by ePO currently. But after a few discussions it might be wise to do so now. My question is, is there a way to have the laptop look for updates by having the agent point to ePO while on the Network and then while off the network point to the internet? We currently upload a CAB file to the MID folder so we can do some exclusions, but I am not seeing a way to download updates from ePO and if no connection get them from the internet. In the repository I can add both ePO sites and internet sites. But you can't have them both enabled can you?
It depends what you mean by "updates". If you're referring to content updates, like DAT updates for example, then this is competely possible: all you have to do is ensure that one or more of the McAfee / Intel repositories (such as McAfeeHTTP) are enabled in the agent policy. Then when the client runs an update task, if it's on the network it will update from ePO or an internal repository: if it's not, then these will not be accessible, and it will fail over to the McAfee site and get the updates from there.
If by updates you mean new policies and tasks and so on, then no, by default your agents will be unable to reach the ePO server. If you want to control machines like this then you can place an agent handler in your DMZ, and clients configured to use it will be as controllable as they would be on the LAN.
I think Joe described it fairly precisely. The agents will not receive new tasks and policies while off-network. They will continue to run tasks that were scheduled on the clients. If you give them an update task that runs daily, the agents will run that task daily, whether or not they can connect to ePO. If they can access a local repository, they will update there, otherwise, they will update from McafeeHttp (assuming you have enabled that as a fallback repository in their policies).
That's correct - they'll keep enforcing the policies that they have, and running any tasks as scheduled, but won't be able to get any new policies or tasks (or send any events to ePO.)