2 Replies Latest reply on Feb 15, 2010 6:57 AM by ottawa_tech_31

    Mcafee agent on standalone machines (DMZ)


      I've been tasked with putting up an ePO box for my DMZ machines. Most are Linux based, but we have a few windows boxes for specific applications. We want to keep DMZ hosts seperate from LAN hosts.


      I've got an agent for Linux just so the boxes check in (no A/V, just agent), and an agent for Windows boxes (with A/V8/7). The main point of the Epo box is for DAT file updates, as boxes in the DMZ can't connect to the internet. (I've put up a WSUS server for similar reasons.)


      The issues is that, being a DMZ, all those boxes are standalone. No A/D or central auth. I've gotten (most) system owners to install the agent and A/V, and I see boxes checking in.


      However, as all boxes are essentially un-managed (from an A/D perspective), I can't deploy ANYTHING to them (patches, Anti-spyware, RSD, etc...).


      Is there a best-practice way to deal with these machines? Anyone had to overcome these kinds of issues? Any advice on how to simplify my management of these boxes?