1 Reply Latest reply on Apr 21, 2010 3:48 AM by JoeBidgood

    EPO Install Internal Network and DMZ

      Hello,

       

      I'm new to EPO, and have been tasked with setting up a new environment in our organization.

       

      I would like to know if this is possible.  I want to install EPO 4.5 on a machine in our DMZ.  The sole purpose of this machine will be to download content like DAT files from Mcafee.  I then want to install a second machine in our internal network that will use replication to pull all content from the DMZ server.  The firewall would be configured using NAT for the replication.  99% of our clients (mostly servers) are on an internal network, and we want them to get regular DAT updates from an internal EPO server, and the internal EPO servers is not permitted to talk to the Internet.  The DMZ server will use the built in version of SQL that comes with EPO, and SQL 2005 on a third server in the internal network.

       

      Will this actually function ? Would ports would be required ? Are there any others who have done this, or been in a smiliar situation for this kind of setup ?

       

      Thanks

        • 1. Re: EPO Install Internal Network and DMZ
          JoeBidgood

          This will certainly work, but it might be a bit like overkill   Pulling content from one ePO server to another is possible, but it can be slightly tricky to configure.

           

          As an alternative, you could put a single agent on a machine in the DMZ, and configure it to run a mirror task. This will download an exact copy of the McAfee commonupdater site to a folder. You can then make this folder available to the internal network in whatever way you choose - a UNC share, or make it part of an HTTP or FTP server. Then set the internal ePO server to pull from it.

           

          HTH -

           

          Regards,

           

          Joe