I have done quite a bit of reviewing of questions and answers and looking at the information and I just want to clarify something before I go have a possibly large argument internally.
This is so I can limit the number of open ports in the firewall.
For a McAfee Agent, what are the minimum essential ports and their direction that are required for the ePO communication?
From my looking, this is my presumption.
Agents are 4.5
ePO Server is 4.5
No | Port | Service | Direction | Description | Detail
1) | 443 | SSL TCP | Agent Outbound to ePO | Agent communications to ePO | required for Agent to contact ePO server
2) | 8081 | ? TCP | ePO inbound to Agent | Wake up request to Agent from ePO server | unsure why required
3) | 21 | ftp TCP | Agent Outbound to Repository | Pull updates into Client | to get DAT and other updates from ePO or repository server
NB: I realise 3) could also be http but... that is possibly marginally worse than allowing ftp .. depending on your point of view.
Are only 1) and 3) required or do you need 2) as well?
Is 2) essential or only nice to have, i.e. you can from the ePO server push or query the agent running on a client?
Can you only use ftp or http to retrieve updates etc from a repository?
.... and ... while I am asking stupid questions I might as well ask one more
Where you have multiple repositories, say 10 repositories, I presume you would need all 10 IP's in the rule (
Also there are a couple of other Services
Port 8082 UDP - Agent Broadcast communication port - which looks to be only used by SuperAgents (or for SuperAgents to communicate with Agents) So if you are not using SuperAgents it is either NOT required, or if the SuperAgent is on the Agent side of the firewall it doesn't need to be open in the firewall.
Port 8444 - Sensor to server communications port - for ePO App Server to receive RSD and Event Parser connections - ?? not sure if Agents do this job so I presume not required.
Message was edited by: DazSki on 1/11/11 6:02:10 AM CST