If client machines have internet access then they can download updates from McAfee Http site (update.nai.com). By default, McAfee http site would be set as 'fall back repository' in MA Repository policy.
Hi, how about if the AH is in a locked down enviroment (without internet) with no possibility for nodes to reach ePo ((since their only option (workstations/servers) is to go through through AH))? What would happen in that scenario? Does the AH also handle definitionsupdates or is it more for strict communication only?
An agent handler is basically a virtual extension of the epo server. It has a repository (is considered master repository), it handles all the communication of the agent that epo handles, such as policies, tasks, processing properties, events, etc. So yes, if your systems in that isolated environment can talk to that AH, it can handle anything the epo server can.
One thing you will need to do is make sure all required ports are open for the AH to be able to do all that. It will need ports open from ah to sql server as well as epo server - see KB66797. Basically to epo, it needs 8443, 8444, 443 and 80 open. You can probably get by without 80. It may also need 8081 open from epo to AH.
Was my reply helpful? If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.