Agent wake-up & Agen broadcast could be simply changed in ePO, Server Settings -> Ports -> Edit.
These ports will be active on all clients with McAfee Agent, so be sure to pick one, that won't collide. You'll also have to make sure, that these ports on clients are reachable from ePO.
You can use something like the TCPView application to determine which processes are tied to which ports.
On more recent Windows OS you can also use 'netstat -b'
I had this issue as well when I rolloed out VS 8.8 on my servers. But the onaccess scan showed in its logs that it was blocking port 25. I was able to change the policy for the servers to stop the blocking. But you should see in the logs what is being blocked and it will say in the logs what port it is.