cancel
Showing results for 
Search instead for 
Did you mean: 
idimou
Level 7
Report Inappropriate Content
Message 1 of 20

ePO 4.0 updates to VSE 8.5 are too big (>100MB)

Hi,
we have a network of 150 VSE 8.5 clients maneged by ePO 4.0.
It is not allowed to have a direct connection to the internet so we download dat or sdat files from McAfee and check them in to our 2 ePO repositories.
I don't mind having to download >100MB of virus definition updates to the server, BUT is it really necessary to push such a big update file to the clients?
Shouldn't there be a way to do incremental updates?
Even with multiple repositories this is simply too much.
Is there perhaps some policy setting in the ePO that I'm missing?
19 Replies
dustrho
Level 7
Report Inappropriate Content
Message 2 of 20

RE: ePO 4.0 updates to VSE 8.5 are too big (>100MB)

This seems to be a known complaint from many other McAfee customers, including myself.

Over 100MB Update files

OMG.. I thought the 36MB sizes were crazy when I stopped using it. Sophos uses 2k-3k update files. Ages ago they had us upgrading to a new engine 4.0??? and one of the promised features was a much smaller truly incremental dat update ability. It never happened. When I read it's up to 100MB now I just cracked up.

- Joe
tonyb99
Level 13
Report Inappropriate Content
Message 4 of 20

RE: Over 100MB Update files

the full 100MB+ sdat is only used when the client is totally out of date, normal incremental updates with upd/gem files are much smaller 50-200KB
gmc_za
Level 8
Report Inappropriate Content
Message 5 of 20

RE: Over 100MB Update files

I agree - especially with daily updates. It means distributing 100MB+ of updates to all the super agents every day! Its madness!

Updated clients only use the incrementals, but the SDAT gets copied over as well.
idimou
Level 7
Report Inappropriate Content
Message 6 of 20

RE: Over 100MB Update files



How do I setup my clients to use upd/gem files?
Do I need to download a different file (other than sdat) from McAfee?
The only "incremental" file on the McAfee updates page is for "incremental engine updates".
My ePO server is in an internal network that is not allowed to acces the internet.
PhilR
Level 12
Report Inappropriate Content
Message 7 of 20

RE: Over 100MB Update files

You need to sort out the real problem, which is the refusal to allow your ePO server to act properly and download what it needs from the net.

Get the people who are in control of these decisions into a meeting and explain to them the consequences of their policies.

Cheers,

Phil
Highlighted
tonyb99
Level 13
Report Inappropriate Content
Message 8 of 20

RE: Over 100MB Update files

I never even bothered to check in a superdat to epo last time I rebuilt it

my new installs pull down the avvdat-5xxx.zip (which is part of the daily DATS in your reposi) if they are old which is usually only about 60MB and if they are not that out of date (within about 15-20 days) they just use the gem files which are small.

do you have a superdat checked in?
how out of date is your baseline vse install you have checked in?
idimou
Level 7
Report Inappropriate Content
Message 9 of 20

RE: Over 100MB Update files



It is a military network. We have pretty strict rules on this.

Anyway I eventually found the answer:
I ought to have used the
http://download.nai.com/products/DatFiles/4.x/NAI/epoXXXXdat.zip file found under the packages tab on McAffee's site with the confusing and unacceptable title
"DAT Package For Use with Mcafee AutoUpdate Architect & ePO 3.0" (!!!).
Of course it works with ePO 4.0 and higher and contains the incremental gem updates that I need.
Would it be too much trouble for the McAffee admins to rename it?
I'm sure most people will confuse it with legacy files for ePO 3.0, like I did. There are others complaining in the forum about this too.
gmc_za
Level 8
Report Inappropriate Content
Message 10 of 20

RE: Over 100MB Update files



Even if it it a military network - if your EPO server is not allowed to access the internet it can't get updates automatically. You might as well switch it off then as your AV is as good as useless.
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator