1 Reply Latest reply on Sep 25, 2015 5:04 AM by amet4

    MSME 8.5 plus Quarantine Manager 7.1 and ePO 5.1

    amet4

      Hi all,

       

      What brings me here is related with what I mentioned in the subject.

       

      For several days I have been testing MSME 8.5 and Quarantine Manager 7.1 for one of our customers.

      This customer already have several McAfee products installed such as ePO 5.1, VSE 8.8, all of them installed by me and working. This customer asked for a mail solution with a centralized quarantine console and they want to have a lab environment to test these products from McAfee to check if they are suitable for what they want.

       

      The lab consists:

       

      In all systems the OS is Windows 2012 R2 full patched with the firewall disabled.

      Server 1 - Windows OS + Active Directory, DNS....

      Server 2 - Windows OS + Exchange server CU9

      Server 3 - Windows OS + ePO 5.1 ( with all patches )

      Server 4 - Windows OS

       

      Through ePO I deployed to Server 2 MSME 8.2 and to Server 4 I deployed Quarantine Manager 7.1 (QM), both McAfee products were installed in the respective servers.

      In Server 2 I also deployed the Anti Spam plugin for Exchange, after a few tests I checked that it was scanning in and outbound emails, no issues here. Because the customer wants to use the QM to manage the quarantine items I went in MSME -> Settings & Diagnostics -> Detected Items and I enabled to report to QM through RPC using the port 49500.

       

      I made few spam and virus simulations with EICA file and both threats are reported in MSME Dashboard, then I went to QM Dashboard and nothing was being reported to the QM.

      I started to troubleshoot why this was happen.

       

      I verified that from Server 2 I was able to telnet Server 4 in the port 49500, I also confirmed in Server 4 that the connection was established. After several attempts of restarting all MSME and QM services including changing the port in QM didn't solved the issue, no matter what I did MSME wasn't able to connect to QM.

       

      My next step was to remove the AV and Agent, after a reboot I checked that all MSME configurations were lost, why I don't know.

      Due to this I decide to uninstall all McAfee products from server 2 and 4 and install the products (MSME and QM) without using ePO and everything started working using the RPC and port 49500.

       

      Because this customer also wants these two products integrated with ePO and everything was working now, I deployed the agent in server 2 and in server 4 the agent and AV. After the tasks were finished I went again to server 2 to check MSME and it was working as expected but again it wasn't reporting to QM. Ok,the problem can be related with ePO packages, I removed again  the agents from both servers and the AV from server 4 and rebooted both systems. For my surprise all the MSME configurations are again lost.

       

      I reconfigured once more MSME and is working now integrated with QM but both products are not managed by ePO.

       

      I need to figure it out why is this happening but I'm out of ideas, if I can't solve these issues the customer will not renew the licenses for the McAfee products .

       

      Any ideas?

       

      Thank you for read this question.

       

      Regards.

       

      D.