4 Replies Latest reply on Sep 19, 2012 2:40 PM by SafeBoot

    ePO Managing Multiple Companies

      So I downloaded ePO today and got it installed out on the Amazon EC2 cloud just fine. Keep in mind this server is back in VA, and I am located overseas.

       

      I created a frame package from the epo server out in the ec2 cloid and proceeded to install it on one of my lab machines. I manually edited the xml sites list to point to the public DNS/IP of the Amazon cloud server, but it still dosen't seem to work. It will "talk" a little bit, but not enough to fully function. I believe this is a limitation on the framepackage, and since they aren't part of the same domain I can't deploy it from the ePO server either. The frame package builds the local dns name and IP.

       

      Another way of asking this....

       

      Is it be possible for me to manage an ePO server out on the Amazon ec2 cloud, and remotely manage machines that belong to two different companies (i.e., not on the same domain, no trusts between them, etc.)?

       

      I would need to push/pull the agent info and epo policies over the web into my ec2 server from two different companies. So basically I would have "My Organization" and then I would have two subgroups - Company XYZ and Company ABC.

       

      Any ideas/thoughts?

        • 1. Re: ePO Managing Multiple Companies
          andrep1

          Interesting concept...

           

          The framepkg.exe runs under your account if you do a manual install locally, there is also a package where you can add credentials to your package. It contains the name and ip of the server to report to as well as the required encryption keys to communicate.

          Once the package is installed you should be able to look at the logs in your programdata\mcafee\common framework\db or start cmdagent -s from c:\program files\mcafee\common framework

           

          It should shed some light onto what is happening during communication. 

          • 2. Re: ePO Managing Multiple Companies
            Laszlo G

            Maybe you should also have an Agent Handler at the EC2 so you can see it through internet by its public IP address (configured under Agent Handler settings in ePO) and so all your computers should see it through WAN

            • 3. Re: ePO Managing Multiple Companies
              petersimmons

              ePO is touchy about its name and IP address. Specifically you shouldn't change them after ePO is installed. However, if you run into an issue where you have a different internal vs. external name then that should be easily addressed with the Agent Handler properties:

               

              ah_fields.png

               

              Just insert the needed name or address of the ePO server.

               

              As far as becoming an MSP, you can easily do this. The only issue you have is with figuring out who has what machine. The easy method is to create a tag for each domain in use. The agent pulls the domain properties and then you can process those into a tag like this:

               

              domain_tag.png

               

              Then you apply that tag to a sort field so that machines will automatically fall into the correct groups:

               

              sort_tag.png

               

              As you can probably tell, I already do this for my computers. The only issue is for non-domain computers. You'll need to find another property to use in order to sort them into the right container.

              • 4. Re: ePO Managing Multiple Companies

                moved to EPO group for better visibility.