I have setup ePO with agent 4.8 on Windows for White-listing deployment.
I am seeing excessive UDP 8083 traffic on firewall which is listed as denial of service.
What is this service all about? Can it be disabled or fine tuned not to send excessive traffic floods?
8083 UDP: Relay server discovery for version 4.8 agents - When a McAfee Agent fails to connect to the McAfee ePO server, it broadcasts a message to discover any McAfee Agent with relay capability in its network. Each RelayServer responds to the message and the McAfee Agent establishes a connection with the first RelayServer to respond.
I have not set any Relay server, Is it enabled by default for the client to send boradcast to discover Relay Server?
I beleive this can be set from Agent General policy, deselect Enable Relay Communication.
Also is it necessary to have a proper name resolution (DNS) for the client to communicate to ePO server?
"Is it enabled by default for the client to send boradcast to discover Relay Server?" - I don't believe so; this seems to be an option that needs manual configuration.
" Agent General policy, deselect Enable Relay Communication." - Correct
"...necessary to have a proper name resolution (DNS) for the client to communicate to ePO server?" - Review order under Server Settings <> Agent Contact Method; since the agent will be using FQDN in some sort of order it would be better to have a FQDN name for your ePO server and systems then not to have one. IPs tend to change, so communicating by FQDN should increase the success rate of pushing policies, tasks, updates so on... to the precise system verse relying on the reported IP.