3 Replies Latest reply on Dec 6, 2010 3:46 PM by francoisb

    Stunning performance of ePO-MVT


      Yesterday I created a new tag and some queries and tasks that do the following:

      Tag any 8.5 installs as non-compliant

      Tag any dats more than 7 versions old as non-compliant

      Tag any old agents (not or

      Remove non-compliant tags from all compliant machines (meaning the dats are with 7 versions of current)

      Run a client task that runs a remediation task on all machines with a non-compliant tag and forces a reboot within ten minutes if required.


      Yesterday I had almost 1200 non-compliant machines (meaning not 8.7i with agent and dats within 7 versions over the past month).  Today I have 612!  ePO-MVT has literally remediated almost half my problem machines automatically in the past 24 hours.  I have gone from 62% complaince to 86% compliance in one day with no technician intervention required.


      Kudos to McAfee for an incredibly effective product.



      Message was edited by: pschmehl on 12/3/10 3:26:08 PM CST
        • 1. Re: Stunning performance of ePO-MVT



          i have a similar issue- many machines uncompliant ( DAT out of date)- getting a report from epo every day.  How did you manage to assign tags to machines with more than 7 days  - which tag ? When I go to the tag catalog I can only see criteria based on hardware (ie. ip, cpu,disk space).


          In automation I can assign tag based on my report but again which tag would that be. Also, in automation I can run a query against my report but as "sub action" what is missing is "run a task" based on that outcome. Any help is welcome.

          • 2. Re: Stunning performance of ePO-MVT

            It takes more than one step.


            1. 1) Create a tag - I named it "Non-compliant systems"
            2. 2) Create several queries (use Table)  The reason you have to create several queries (McAfee, are you listening?) is because you can't do logical ORs in queries between different Available Properties - only within each property
              1. Systems with dats more than X number of versions old (I use 7)
              2. Systems with agents older than your current agent (IOW, Not Equal to your current version)
              3. Systems with old VSE versions installed (IOW, Not Equal to your current version)
              4. Systems with old scan engine versions (IOW, Not Equal to your current version)
            3. Create a server task that tags out of compliance versions  (Run each query and tag the results)
            4. Create a client task that runs ePO-MVT on systems tagged non-compliant on a scheduled basis - be sure to force a reboot if required


            Without doing anything else I am now down to 503 non-compliant systems.  So over 700 systems have been automagically remediated by ePO-MVT and are now up to date.

            • 3. Re: Stunning performance of ePO-MVT

              pschmehl ,


              understand...fab......I was looking around to assign a criteria but relaised that I don't have too.... everything else is clear

              Merci beaucoup...