1 Reply Latest reply on May 16, 2008 8:22 AM by tonyb99

    EPO 4 design

      I am looking for some feedback on the design of the directory tree (sites and groups) for the new EPO4 server we are building.

      This would be the first time i am involved with the design phaze of the EPO server.
      Background information:

      I first took over Mcafee about 7 months ago. At that time we had major issue with agents checking in that Mcafee recommending rebuilding the EPO server 3.6, which we did and copied all the settings over from the old one. We have now worked through most of the issues with the clients connecting and have started to plan for the upgrade. From what I can gather 3.6 was an administrators nightmare for us. I think this mostly had to do with the way it was setup…..

      Current setup: Desktops/Laptops only
      EPO 3.6
      Virusscan 8.5 Patch 4
      2100 agents
      64 Sites (Branches)
      11 Distributed Repositories
      No SuperAgents (This is how the old adminsitrator left it)
      No Rouge Systems Dections (This is how the old adminsitrator left it)

      In the long run after copying all the settings over from the one server to the other everything was at the defualt settings. I have gone through and changes client tasks and policies to better manage what was happening at the agent level.

      Directory structure
      Directory->Branch->Computers->Agents
      Basically we have setup right now that under the directory we have all 64 branches then a subgroup of Computers. This matches our AD structure.

      My main goal here is to ask how other adminsitrators have setup for the directory structure in EPO.

      Things to take into consideration:
      We currently have a work force where we have ~ 1100 laptops and ~1000 desktops. These laptops come and go all the time from the domain.
      Some Braches may only have 1 computer, on average a branch has 32 computers (2100/64)
      7 Branches cover ~600 computers ~25%, that leaves 1500 machine to 57 other branches or 26 computers per branch.
      We DO not manage computers differently in each branch
      Network layout is centrliazed where all branches come through HQ to get anywhere, Branches can not talk to other branches directly.

      With the above information I can not see how having 64 sites in EPO can effective be managed when at this point all agents are managed the same (I do not see this changing). What I do see changing is laptops are managed different from desktops.

      What are your suggestions for designing the directory layout of EPO. If you think having 64 sites is the best way please say that because that is how some otheres here feel and I am trying to get an outside view from others.

      Feel free to ask for more information if that would help the process.


      Thanks in advance
        • 1. RE: EPO 4 design
          tonyb99
          there is no problem having 64 groups especially if they all get the same policies, remember they trickle down so you apply at top level and disable those you dont want in general.
          The latest agent 4 will allow you to use the laptops field that should be populated by MS windows so this will help if you have any laptop specific issues.