cancel
Showing results for 
Search instead for 
Did you mean: 

Deploy Agent remotely from McAfee EPO without port 445 (SMB/CIFS)

Hello

Due to our security policy, we do not allow the opening of port 445 on our firewalls and we use McAfee EPO 5.x and Agent 5.5+ to manage and protect our systems along with using VSE 8.8.

Is there any alternative solution to deploy mcafee Agent remotely without opening port 445 (SMB/CIFS) ?

5 Replies
McAfee Employee Hawkmoon
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: Deploy Agent remotely from McAfee EPO without port 445 (SMB/CIFS)

Hi Skythein,

Not sure I follow you on this.

Deployment operations from ePO use port 80 and 443, where port 445 is used by ePO for ePO console logon when authenticating Active Directory users.

Ref:
Ports needed by ePolicy Orchestrator for communication through a firewall Technical Articles ID: KB6...

Can you (are you permitted) to explain more about what you are doing and how you propose to do it please?

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Deploy Agent remotely from McAfee EPO without port 445 (SMB/CIFS)

Hello

I am talking about product deployment task which aims at deploying agent on multiple client systems at the same time. 

According to the documentation (source: https://docs.mcafee.com/), it is mandatory to have access to the Admin$ share folder for the deposit of the FramePkg file (Agent package) on Windows target systems so it means the need of port 445 if i do understand correctly ? 

Do you then confirm that the task of deployment for the McAfee Agent on Windows systems should not require the port 445 to be opened on the firewall(s) between the EPO server and the targets ?

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 4 of 6

Re: Deploy Agent remotely from McAfee EPO without port 445 (SMB/CIFS)

SMB is used to authenticate the user's credentials with active directory when pushing an agent.  So in that case, it is required.  However, you can use 3rd party deployment tools, such as SCCM or other deployment methods.  The install guide for the agent has instructions for creating an msi package for that.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 5 of 6

Re: Deploy Agent remotely from McAfee EPO without port 445 (SMB/CIFS)

Alternatively, you can use the smart installer.  The install guide also lists instructions for that.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Deploy Agent remotely from McAfee EPO without port 445 (SMB/CIFS)

maybe you can generate the installation package and try to deploy it on the computers with some other installer deployment tool

 

delete now2.PNG

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community