Can any help me to understand differences between Super Agent and Agent handler. As already gone through some of the article but almost all of them focused on below areas:
Super Agent: If we are managing large no. of nodes from single ePO server, than to distribute this load we will use special technique i.e. Super agent. From SA, agents will take updates..
Agent Handler: If we are managing large no. of nodes from single ePO server, than to distribute this load we will use special technique i.e. Agent Handler. From HA, agents will take updates..
Please let us know major differences through which I can clear my all confusions........
Clients can take updates through either an Agent Handler or a Super Agent repository, however, Agent Handlers do not show as repositories in ePO. This has some implications for how you configure your repository policies. Agent Handlers are more akin to your main ePO server and serve as a fallback point for updates.
The primary purpose of the Agent Handler is to offload communication with Agents from your primary ePO server. The Agent Handlers directly update the database and show have a low-latency connection to your database server. This saves the ePO server some CPU cycles, because you can offload the processing of client communication to the Agent Handlers.
Super Agents are simply repositories of updates, and allow clients to pull updates from their closest Super Agent repository. This saves you on WAN bandwidth.
I think this topic needs a bit more clarification. There are three, well four if you count our public CDN, mechanisms by which McAfee Agents can consume updates.
1. Agent Handlers. The ePO application server is also an agent handler. The Agent Handler service is a separate service from the ePO web application. It runs Apache and faciliates connectivity to the ePO database and is reponsible from consuming agent events and translating them into SQL inserts. The Agent Handler service is also a "proxy" of sorts to the master repository on the ePO server. When an agent checks in to the agent handler and requests a package, that package is delivered over HTTP via the Agent Handler. Agent handlers should NEVER be placed in remote locations. The agent handler requires an always-on, low-latency (<10 ms) connection directly to the SQL database. Most environments will be fine with no additional agent handlers, unless there is a desire for DMZ communication.
2. Super Agents w/ Lazy Caching - Super Agents is simply a feature of the McAfee Agent that when enabled allows select endpoints to serve content from the Master Repository to endpoints. Lazy Caching means that instead of synchronizing content on a set schedule, the agent will request content as it is needed.
3. Super Agent Distributed Repositories (sometimes referred to as SADRs). - This is the model that is most similar to SCCM distribution points, for those that are familar with that concept. You can designate systems to be Distributed Repositories and the master repository in its entirety will be synchronized to these systems. It is then possible via McAfee Agent repository policies to point systems to the appropriate distributed repository either by a set list, or based on ping times. Using SADRs requires that a server task be made to perform the synchronization on a schedule. I recommend doing a full replication every Sunday, and incremental replications every other day of the week. Replication must also be scheduled before any client update task so that it is ensured that clients receive the correct content.
4. McAfee public CDN - When systems are unable to reach internal update points, by default, unless removed from repository policies, systems will fallback to the McAfee CDN. On the CDN we only publish content such as v2/v3 DATs, HIPS content, AMCore content, etc. and not product updates like patches.
To directly answer your question, as long as the McAfeeHTTP repository is configured as the fallback in your repository policies, systems will continue to update even when they are off network or in the event that your ePO infrastructure is unavailable. If you're stuck, or need assistance, I'd suggest bringing in Professional Services for a health check and architecture assessment. It's what we're here for!
Thanks a lot for your informations taziegma
Can you please let me know Is there is any way to update policies/Push task for our remote user,in case there is no connectivity between remote agents and ePO server,can we achieve this from above concepts.