McAfee ePolicy Orchestrator will manage all of your desktops and servers from one server or multiple servers. You may also add distrubuted repositories to balance the load in a large environment such as yours.
AS mmcgary says you can have all your machines in the same folder. under the system tree I have a 'Servers' folder and a 'workstation' folder and then manage them that way with two separate teams managing 2 separate policies etc...
the installer is always the same so updates are handled the same way. just policies and tasks (when to run a full scan) that differ
Hi, ehbeta. As stated above, I would recommend setting up a server group and a workstation group. Under your server group, you can setup sub groups if needed. If you have servers with apps that need exclusions, you can either create a sub group for those servers and move the servers to the group, then you can go in add the exclusions only to that group. Once you added the exclusions and saved send an agent wakeup call. This can also work for workstations. ePO console is a great tool. Some items to consider.
1. Create a task to deploy the Agent. Each workstation and server will need the Agent installed. Reboot is not required.
2. Create a task to install VSE 8.8. ePO is smart enough to know which devices are workstations and which ones are servers.
3. Create an On Demand scan task. (I would not recommend running the ODS on servers during the day. (Schedule for a slow time.)
4. Before doing any of the above, make sure you have downloaded all of the required packages, and check them in.
Also I would recommend testing on a small group before deploying everywhere.
Note: When deploying VSE to servers or workstations, they will need to reboot. VSE will still work, but it is recommended to reboot after installation.
Hope this helps.