here is my analysis, removing the IP addresses in question.
From the capture, it appears there are some network issues, or possibly faulty nic on the epo server, it is hard to determine. Here is what I found.
The capture ran for one minute, 11 seconds, which is not a lot of time.
The capture, in that one minute time frame had 156 tcp out-of-order packets, indicating packets aren't being received in same order they were sent and there are frequent reordering of packets 3. There were 108 previous segment not captured packets, which can have same result as dropped packets
Source of those in items number 2 & 3 is IP address 10.x.x.x Destination is 10.x.x.x
All those errors were between these 2 devices, I would definitely identify those and why such issues.
There were also 12 connection resets between those 2 systems.
There were no update attempts from McAfee update site, which I was hoping to capture the failure from.
However, this is enough to say there are some issues somewhere. If one of the ip addresses involved is your sql server, that is a problem. If it happens to be a firewall/proxy/router or other such device, that is a bigger problem for your network.
I don't think it is the fault of epo server at this point. If it was the server nic having issue, I would expect to see packet losses from everywhere, but it is only between those 2 ip addresses, at least for that point in time of the capture.
as fyi, one of the ip addresses is the epo server, the other is proxy. Clearly a proxy issue.
Was my reply helpful? If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?