cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Download McAfee components from Internal Infrastructure

Jump to solution

I am a Linux Admin and I am struggling to ask my ePO admins the right questions.  Please help.

Our team currently manually updates \\someserver\somepath\mcafee\Linux\Agent-5.5.  Dealing with windows shares in our infrastructure is ... difficult.  So I would really like to download the McAfee components from "ePO" directly.

By looking at http://update.nai.com/products/ and taking apart install.sh and looking at SiteList.xml I started looking at http://agent-handler:8333/Software/. Directory listings are forbidden but every directory seems to have a Replica.log file.  So I was able to poke around and was able to find McAfee products at http://<agent_handler>:8333/Software/<repo>/<software>/Install/0409/, where <repo> is Current, Evaluation or Previous.

More poking around I found that the name of the ePO agent for Linux seems to be called "EPOAGENT3700LYNX" (which is weird,  5.5==3700?  and Linx == Lynx?, but whatever).

We have 2 agent handlers and one "QA" agent handler that the ePO team uses for testing and such.

EPOAGENT3700LYNX seems to be on the "QA" agent handler only and not on the main agent handlers.

I am struggling with what to ask my ePO admin team for as I do not know the terminology.  What do I ask my ePO team to do to put EPOAGENT3700LYNX on the production agent handlers?

Is this the right place for me to retrieve the ePO agent files?  Should I be requesting them from a "Repository server?" because it seems to me "repository" is for virus def updates and I have not yet been able to gleen anything from https://<reposerver>.mycompany.com/ as directory listing there is also denied.

Thanks,

-Alan

 

1 Solution

Accepted Solutions
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: Download McAfee components from Internal Infrastructure

Jump to solution

Have you checked all 3 branches on the production server for the EPOAGENT3700LYNX folder?  If so and it is not there, then ask them to check in the McAfee agent for Linux version 5.5.1 latest version.  Yes, that is the right product code for it - I know, it doesn't make sense.  Then have them tell you what branch they put it in, or at the very least send you the install.sh file from it.

Repositories should have the contents of the master repository on the epo server if they are replicating everything to it, which is the normal process.  So, if it is not in the repositories, then most likely it is not on epo either.  The repositories are not just for virus defs (excluding the McAfee repositories for update.nai.com - they are only for content updates).  Distributed repositories are designed to have everything that the master epo repository has so clients can get updates as well as software installs from them.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

5 Replies
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: Download McAfee components from Internal Infrastructure

Jump to solution

Have you checked all 3 branches on the production server for the EPOAGENT3700LYNX folder?  If so and it is not there, then ask them to check in the McAfee agent for Linux version 5.5.1 latest version.  Yes, that is the right product code for it - I know, it doesn't make sense.  Then have them tell you what branch they put it in, or at the very least send you the install.sh file from it.

Repositories should have the contents of the master repository on the epo server if they are replicating everything to it, which is the normal process.  So, if it is not in the repositories, then most likely it is not on epo either.  The repositories are not just for virus defs (excluding the McAfee repositories for update.nai.com - they are only for content updates).  Distributed repositories are designed to have everything that the master epo repository has so clients can get updates as well as software installs from them.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Download McAfee components from Internal Infrastructure

Jump to solution

Thank you, this is helpful.

Sure enough, the EPOAGENT3700LYNX is on the Experimental and Previous "branches" but not on the Current branch.

So I guess my questions to our ePO team are in fact.

  1. Can we use the Experimental or Previous branch?
    1. Do you regularly update these?
    2. If so, which?
  2. Is there a reason we are not "checking in" McAfee EPO Agent 5.5.1 for Linux to the Current "branch"?
    1. Should we be checking ePO Agent for Linux into the Current "branch"?

-Alan

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 4 of 6

Re: Download McAfee components from Internal Infrastructure

Jump to solution

The evaluation and previous branches in epo are the epo admin's choice to check software into.  It doesn't matter what branch the point product is in, the product is the same regardless of the branch.  Those branches are used to help prevent software from being pushed out (mostly patches) prematurely without testing first on some systems.  An admin may choose to put the Linux agent in eval or previous just as a reminder to test, or whatever reason they choose.  So, whether it is not in current or it is, really doesn't matter.  You just have to know what version is in each branch, as they are most likely different versions.  And you need to know if it is a supported version for your kernel/version of Linux.  You can view that information in this kb - KB51573.  Additionally, the agent product guide has instructions for manual install as well as command line options for the agent.  See PD27370.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: Download McAfee components from Internal Infrastructure

Jump to solution

Ok, so from what I can gather there are two kinds of "repositories".

  1. Content Repositories
    * Contain DAT files
    * Separate from Agent Handlers
    * Described by <HttpSite/> nodes in sitelist.xml
    * update.nai.com (and other names) are Content Repositories
  2. Software Repositories
    * Contain McAfee software binaries (Agent, Intel TP, Solidcore etc)
    * Found on Agent Handlers
    * Described by <SpipeSite/> nodes in sitelist.xml
    * Have different "Branches" which are points in time basically, controlled by the ePO admins
    * Can selectively include McAfee software (selected by ePO admins)

Is this correct?

I ask because my ePO team is now asking me to hold off until they can deploy a "repository" server, which I take to mean a "Content Repository" server, into our cloud provider where we will then be able to retrieve installers from.

If my understanding is correct a "Content Repository" does not contain the installers and that if our ePO team were insisting on deploying anything into our cloud provider, to help me, they should be deploying another Agent Handler.  Is this correct?

Thank you,

-Alan

 

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: Download McAfee components from Internal Infrastructure

Jump to solution

Your assumptions on repository types are not correct.  EPO can be configured to use distributed repositories of these types:

UNC or </UNCSite> - a shared folder defined on system of choice that contains the contents of the master epo repository - this includes content as well as product installers.  Contains all branches that have data in them
HTTP or </HttpSite> - can be an internal or external http server set up by the epo admin for this purpose or the McAfee http site.  The McAfee site only contains content updates, but any company created internal/external http server can also contain product installers.  Also contains all branches except for McAfee site
FTP or </FtpSite> - same config as http
Superagent or </SuperAgentSite> - an epo agent on a system is configured as a distributed repository - contains content and point product installers.  Also contains all branches

spipe entries are the epo server and any agent handlers including all branches.

 

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

More McAfee Tools to Help You

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community