5 Replies Latest reply: Feb 15, 2011 3:28 AM by JoeBidgood RSS

    SADR (SuperAgent Distributed Repository)

    DC-SG

      Greetings All,

       

      I read an article about SADR somewhere. (I think it’s in McAfee KB though I cannot find the article anymore). That article showed the number of clients versus # of SADR and traffic time. I remember that the article did not show any SADR if an ePO server supporting less than 1000 clients, partiuclarly in a non-WAN environment. My network is just a LAN.  It also has only about 250 clients. All clients are in the same building though they are on different floors. 

       

      Now I would like to ask you 3 questions:

       

      Q1: Do I need to have a SADR based on the number of clients my ePO server supports and the network is not a WAN?

       

      Q2: Currently, my ePO server (vesion 4.0, HIPS 7.0) does not have a SADR. If I have to implement SADR (due to some new requirements), what is the impact of the newly created SADR on the current clients? Although I have a very good client organization for my ePO, few subnets have only 2 or 3 clients due to their physical locations (I.E. on different floors).

       

      Q3: Still suppose that I have to implement SADR, should I wait until I upgrade my ePO to 4.5 (which I predict that I have to it soon)?

       

      Thank you very much in advance for your adices and comments.

       

      Best Regards,

       

      DC-SG

        • 1. Re: SADR (SuperAgent Distributed Repository)
          JoeBidgood

          From what you describe here, I would think a distributed repository (of any kind - not just a superagent) is not required. The time you would start to need a distributed repo would be if the number of client machines updating from the master repo was adversely affecting the ePO server itself.

           

          HTH -

           

          Joe

          • 2. Re: SADR (SuperAgent Distributed Repository)
            DC-SG

            Joe,


            Thank you.

            Your reply helps me out although it did not answer my question regarding the impact of deploying SADR in case it is mandatory to have SADR.

            For example, one of my subnest has only 2 clients.  What would happen if I don't have SADR on that subnet while having SADR on the rest?


            Below is the quote from McAfee KB.

            Best practices

            To deploy sufficient numbers of SuperAgents to the appropriate locations, first determine the

            broadcast segments in your environment and select a system (preferably a server) in each to

            host a SuperAgent. Be aware that agents in broadcast segments without SuperAgents do not

            receive the broadcast wake-up call, and therefore, do not call in to the server.

            [https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/ 20000/PD20053/en_US/epo_402_product_guide_en-us.pdf]

             

             

            Sincerely.

            • 3. Re: SADR (SuperAgent Distributed Repository)
              joeleisenlipz

              Super Agents basically enable two functions:

              1. Distributed repository (glorified file share)
              2. Broadcast wake-up call (minor traffic-saving function)

               

              The broadcast wake-up call only saves on out-bound traffic from the ePO server--NOT the return traffic, which is the substantially larger traffic anyway.

               

              In your case, the ePO server would direct your single Super Agent to broadcast to it's segment, all the agents in that segment would then Collect&Send Props back to ePO, and any uncovered segments would blissfully continue (not communicating) until their regular communication interval rolls around.

               

              Most people just send a normal, direct wake-up call to the system they care about. 99% of the people never even know about the broadcast wake-up, and that's the part where the segments matter.

              • 4. Re: SADR (SuperAgent Distributed Repository)
                DC-SG

                Hi Joe,


                Thanks very much. Now I get a clearer understanding of SADR.
                In a nutshell, for any subnet with no SADR, the clients will communicate with the ePO in a normal fashion and cycle (wakeup, update, policy enforcement, etc...)

                 

                V/R,

                 

                DC-SG

                • 5. Re: SADR (SuperAgent Distributed Repository)
                  JoeBidgood

                  (Two Joes - very confusing )

                   

                  This is exactly correct. In reality about the only time that the superagent wakeup call / subnet stuff becomes relevant is if  you have Global Updating enabled, as it's one of the mechanisms GU uses.

                   

                  HTH -

                   

                  Joe