cancel
Showing results for 
Search instead for 
Did you mean: 

Suggestions for Remote Users?

My organization has several end users who work remotely and are not connected to the network.  They can connect to the network through VPN which will allow the agent to update as needed.  Since we cannot predict when a user will launch VPN, my question is if there are any suggestions to set up an Assigned Client Task for Product Deployment/Product Update tasks so when the user connects to VPN Agent will see this user has not checked in for a while and has these Deployments/Updates which need to be applied?

For example, if I set up a Client Task in my system Tree "Product Update" to apply Patch 12 to VES8.8 is there a schedule I can place it on so that the next time a remote user connects to our network on VPN (or stops into the office and plugs in) when the agent checks in it knows to apply this patch?

2 Replies
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: Suggestions for Remote Users?

Do you have a way to differentiate these systems from your whole environment?  Do they connect during certain times of day?  You could have a task scheduled for maybe an average time of day that they might be logged in.  Then also set the task schedule to enable run missed task.  That would catch them if the systems happen to be off at the time of schedule, but not if they are just not on the network.  The task, in that case, would just run and fail.  I would suggest maybe having it run a couple of times a day to catch that scenario, but it would be best to not have that assigned to your whole environment.  That can generate too much repository traffic. 

Another suggestion might be to run a query looking for systems that don't have the desired patch installed (set it as a table type query).  Set up a server task to run that query, and as secondary action, apply a tag (create a tag for missing patch or something like that for this purpose).

Once you have the tag, create a client task that is assigned only to systems with that tag to run every couple of hours maybe. 

You would then want to set up another query to look for systems with that tag, but also have the desired patch.  Set up a server task to run that query, and as secondary action, remove that tag so they no longer run that task frequently. 

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Highlighted
McAfee Employee Hawkmoon
McAfee Employee
Report Inappropriate Content
Message 3 of 3

Re: Suggestions for Remote Users?

Hi JPLesser,

Here's one for you!

As the users are known to be mobile at the end of VPN you could simply place all of them in a group in the ePO system tree with the appropriate tasks and policies you want/seek.

In this way no matter what, where or when they 'call home' they are always subject to the various tasks and policy assigned to the container they belong to!

Maybe create a TAG for them alone that would always ensure they are assigned to that container (group) in ePO as a 'fail safe'.

 

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator