1 2 Previous Next 10 Replies Latest reply on Mar 30, 2017 6:40 AM by tao

    DAT file deployment schedule - Best practices

    stephane.dontigny

      Hi,

       

      I'm looking at the McAfee best practices for DAT deployment on my workstations. I asked the question to McAfee and their recommendation is to schedule a task at 3pm and another one at the user "logon". I'm wondering if it would be better to have only one task at 3pm with the option to repeat every hours.

       

      I'm not sure if it make sense and I would like to have your feedback.

       

      Thanks.

        • 1. Re: DAT file deployment schedule - Best practices
          DocB

          stephane,

           

          You want to have one at login as well, I set the policy to run the update 10-15 minutes after the user logs in.  This catches folks who have been out of the office or left their system turned off.  I also have a policy set for the system to call home to ePO if it hasn't communicated in 24 hours.

           

          You should have an emergency DAT distribution set up, but disabled.  I've used it once in five years, and the bad DAT detection caught most of the bad DATS.

           

          HTH,

          DocB

          • 2. Re: DAT file deployment schedule - Best practices
            stephane.dontigny

            Hello DocB,

             

            Thank you very much for your recommendation. I will definitely add a validation at login like you did. I'm sorry but I'm not sure to understand your comment on "The system to call home to ePO" ? Can you explain more in details.

             

            Have a great day.

            • 3. Re: DAT file deployment schedule - Best practices
              DocB

              stephane,

               

              You can set a parameter for the Agent to call into the ePO server if it hasn't communicated with the server within a certain period of time.  This way it gets any changed policies, new or updated client tasks, or other changed ePO parameters.  I use 24 hours, others may use longer or shorter time periods as their situation permits or requires.

               

              HTH,

              DocB

              • 4. Re: DAT file deployment schedule - Best practices
                stephane.dontigny

                Thanks DocB.

                 

                You help has been much appreciated.

                • 5. Re: DAT file deployment schedule - Best practices
                  Moe Hassan

                  Hi stephane.dontigny

                   

                  You can set it up for 3pm but keep in mind daily DATs are released slightly after 4pm. That means your clients are nearly 1 day behind. Many people choose to delay DAT updates by 1 day for servers but workstations get update right away or just few hours after they are released. This can be done in two ways. One is simply configuring policies to use "previous" branch for dat update OR time the scheduled task cleverly. Also since DATs are released once a day, deploying it every hour can cause unnecessary bandwidth usage. Scheduling requires understanding of your environment. Are systems shut down at the end of the day? What's the earliest hour users start using their systems? How can you target and achieve the maximum systems? You may consider different schedule for different office locations.

                   

                  Some good FYI materials:

                  FAQs for V2 DAT files

                  McAfee VirusScan Enterprise 8.8 Best Practices Guide

                  • 6. Re: DAT file deployment schedule - Best practices
                    tao

                    Also, depending on the environment - you may consider the option for "

                    • 7. Re: DAT file deployment schedule - Best practices
                      stephane.dontigny

                      Thanks guys,

                       

                      It seems that my issue is for some computers only, they don't pull the DAT update. At this time, I have two client tasks assigned, one in the morning at 7ham and the other one at the evening at 9pm. This has been configured by someone else. I would like to change these schedules because they are not optimal. (even with the option "Run missed task 10 minute delay". I think that this option doesn't work sometimes. I've taken a look at few computers in the agent log and can't see any entry about the DAT validation after this 10 minutes. (computers with the issue of course)

                       

                      The majority of the systems are not shut down at the end of the day. We have a lot of laptop traveling from home to the office. Those laptops use the VPN to connect on the business network remotely so they have access to the ePO server all the time.

                       

                      Our users starts working around 9h am to 5h pm. The randomization is a good option and I will use it in the new schedule. Yes, the idea to run a query for the workstation online and not up to date every hour is too extensive. If my new schedules works fine, I think I won't need it anymore.

                       

                      Thanks again guys.

                      • 8. Re: DAT file deployment schedule - Best practices
                        tao

                        I have used the following task with much success:

                         

                        Schedule type: Daily

                        Start time: 12AM

                        Run at that time, and then repeat until: 11:59PM

                        During repeat, start task every: 1hr

                        Enable randomization: 1hr

                        Run missed task: 5 minutes

                         

                        Also, under CMA/General Policy - Agent-server communication: Initiate agent-to-server communication within 10 minutes after startup if policies are older than (days): 1 and enable Retrieve all system and product properties (recommended). If unchecked retrieve only a subset of properties.

                        1 of 1 people found this helpful
                        • 9. Re: DAT file deployment schedule - Best practices
                          stephane.dontigny

                          Thanks for sharing your configuration Tao,

                           

                          That make sense also. I will think about it.

                          1 2 Previous Next