1 Reply Latest reply on Nov 22, 2012 8:28 AM by pierce

    EPO Complete Rebuild

    czql5v

      Hi All,

       

       

       

       

      We have decided to install a new VM EPO Server, as we are not able to work out why we are having problems installing the patches, and we are not able to disclose the logs (to Mcafee help desk) due to the sensitve nature of their contents.

       

      Our plan thus far is to create a new VM EPO Server, Agent 4.5.0, VSE 8.7.0, with Patch 4. Once installed and configured we plan to deploy agents to 6 superagents (Approx 1000 agents). This will be phased and done in 6 separate stages. Once the agents are managed and reporting back we plan to deploy to another three fixed sites. In total there are approx 4,000 agents.

       

      I would like to know what pitfalls there are? I am also interested in whether we could build the server kick off an AD sync. Then export the Agent Server Secure Communication Keys to the new server. Would this be all we need to do, or would we still need to deploy the agents after an AD Sync.

       

      Please are you able to adivse the best course of action for a complete build of EPO.

        • 1. Re: EPO Complete Rebuild
          pierce

          Once you export the keys to the new server you will also need to link both ePO servers and perform the transfer command, unless you are replacing the current ePO server with the exact same domain name or something similar (which i would recommend you talk to McAfee about as I have no idea if that would even work)?

           

          I had a similar issue and in the end I just used rogue sensors (rather than AD sync as our AD was not that clean) and then deployed a new agent with the force over existing setting which updated the encryption keys at the same time (which my security team liked).

          I also used this opportunity to upgrade to ePO 4.6 and deployed the new 4.6 agent which had no issues.