I do not think that the agent would accept non-encrypted traffic from any client. Rather, what I assume, you could send a script on to clients that forces the McAfee Agent to contact the ePO server:
"(McAfee Agent install folder)\CMDAGENT.EXE /p"
where p is
S - Collect and send properties and events
C - Check new policies
E - Enforce policies
Is that what you had in mind?
Yes thats what i found out so far.
But i was hoping there was some smart workaround.
The only http request an agent will accept outside of ePO is the one which will display the agent log as XML via the agent wakeup port.
For example http://192.168.1.1:8081
Even this can be denied by agent policy or limited to being accepted only from the ePO server.
It's a security feature, and is unlikely to change.