I manage an ePO server in my office and have recently deployed a new ePO server in a separate office that is 1500 miles away. Both ePO servers are in separate domains and manage systems only in their respective domains.
I have turned on Rogue System Detection and find that the the managed systems for each ePO server are being reported as Rogues in the other ePO server.
I found the option under Configuration --> Server Settings --> ePO Servers and added the other ePO server using the name, fully qualified domain name and even tried the IP, but nothing seems to work. The Agents in one domain can't seem to report to the ePO server in the other domain that they exist and this system is managed by another ePO server.
Has any one worked with RSD this way? Any advice on how to get the foriegn agent to talk to the server?
Any help would be appreciated.
Go to Configuration --> Server Settings --> Rogue System Matching and in the Alternative McAfee Agent Ports section, put the agent wakeup port of the other server. This will help identify the systems of the other server as "Alien" instead of "Rogue".
Thanks for answering. I did as you suggested and found no difference. The ePO servers do not recognize that there are Agents installed if they are installed by the foreign server and systems are still reporting as rogues.
There was one other thing I did try and that was to modify the Agent wake-up communication port and the Agent broadcast communication port on one server because they were the same on both servers. I waited 24 hours to see if there was any difference, and there was not. Is there something I need to do to cause the servers to re-examine the rogues now that the alternate port has been added?
For reference here are the ports:
Server 1 Server 2
Agent-to-server communication port: 80 8888
Agent-to-server communication secure port: Enabled 443 Enabled 443
Agent wake-up communication port: 8083 8081
Agent broadcast communication port: 8084 8083
Console-to-application server comm port: 8443 8443
Client-to-server authentication comm port: 8444 8444
Any other thoughts?
Try enabling the "RSD: Query New Rogue Detection" Automatic Response.
For the machines that are listed as rogue, if you "Query Agent", does that help?