cancel
Showing results for 
Search instead for 
Did you mean: 

Push updates to Local only servers

Jump to solution

I have a Domain that is locked down from the ineternet that has about 2000 users. We have another Domain that is able to connect to the internet and download the daily updates. Is there a way I can push these updates to the offline EPO server? I have created a script to download the files via WinSCP dll and Powershell but again faced with no internet connection in this environment and very strong security policies.

1 Solution

Accepted Solutions
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 10

Re: Push updates to Local only servers

Jump to solution

No, you can use any repository type you like. A superagent, HTTP or FTP repo might be easiest in your environment, since UNC will require authentication which may be tricky given the isolated nature of the second domain.

HTH -

Joe

9 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 10

Re: Push updates to Local only servers

Jump to solution

Is the locked-down domain able to communicate with the other domain, or is it completely isolated?

Thanks -

Joe

Re: Push updates to Local only servers

Jump to solution

It is isolated but I can request exceptions to be made to security like maybe a service account, ports to be opened and things like that if needed.

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 10

Re: Push updates to Local only servers

Jump to solution

That will make life easier    Have a look at an older thread here:  https://community.mcafee.com/message/304325#304325

This describes probably the easiest approach for you.

HTH -

Joe

Re: Push updates to Local only servers

Jump to solution

Thanks Joe that sounds easy enough. I will report back and let you know how it goes.

Re: Push updates to Local only servers

Jump to solution

Joe,

Do I need to use Super Agents for this? I am watching this Mcafee video on how to create a Repository.

https://www.youtube.com/watch?v=mfzjO1W7VBY

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 10

Re: Push updates to Local only servers

Jump to solution

No, you can use any repository type you like. A superagent, HTTP or FTP repo might be easiest in your environment, since UNC will require authentication which may be tricky given the isolated nature of the second domain.

HTH -

Joe

Re: Push updates to Local only servers

Jump to solution

Thanks for the help I was able to configure this and everything is working smooth now. I am just left with the question of what really needs to be updated and if I should be doing a full update or just update the dat files.

Re: Push updates to Local only servers

Jump to solution

Hi Joe, I was able to get this to work however, I am curious about the HTTP updates and what I would add as a firewall rule to download these updates. Would I use update.nai.com port 80 or a more defined exception http://update.nai.com/products/commonupdater2/ Port 80? Thanks for all of your help.

McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 10 of 10

Re: Push updates to Local only servers

Jump to solution

I'm a little confused - you shouldn't need to add any rules. Can you post a diagram of the environment and clarify what you're trying to achieve?

Thanks -

Joe