You can run your PDA service on your DMZ, and ensure that it connects to your central DB.
So, install the MEE Manager on your DMZ-ed server, and rather than creating a new database there, simply click cancel whenever it asks you to do so, go to Edit Connections --> Add --> Type: Remote --> Location: <ip address or hostname or whichever from your central database>.
After that, run the PDA Service, using the central DB.
Thanks Eelco Plugge
I tried this configuration and it works; the objects created in the internal MEE synchronize with the MEE in the DMZ zone, but we don't need the PDA Service running on the MEE in the DMZ zone?
Sorry, thanks HTH :)
What is the best way to do this? Publish this service on my firewall, or create two MEE servers (DMZ and internal network) and synchronize both (but in this scenario the PDA service must be running)?
So, you install the management software on the gateway machine / any machine which accepts incoming connections upon port 5557, set up a remote connection to the database in your live environment (Add connection --> Remote --> IP Address), add a PDA server for your gateway machine and run it.
But, the service “McAfee Endpoint Encryption PDA Server” is running where? In the Gateway Machine or in my live environment?
You have three options:
1. (preferred) Route the right ports through your firewall/DMZ to the internal MEE Server process.
2. Route NetBIOS through your firewall to the internal share hosting the MEE database, and install a stand-alone PDA server in your DMZ.
3. Install a stand-alone environment in your DMZ and run multiple policy databases.
We will try the first option…
The first solution works well… after some tricky configurations on ISA server :)