This content has been marked as final. Show 4 replies
For security reasons, we don't allow anyone off-campus to access our EPO server. To help these systems off-campus, we have configured the updates to use McAfee FTP as the fall-back repository. I have not have any issues when laptops come back on campus with them sending us lots of alerts.
It basically depends on security, I prefer to have our server protected from off-campus attacks.
I see your point, for security reasons. Unfortunately some of our folks are out for extended period (6+ months) and it would be nice to keep tabs on them. I know they are covered for DAT protection (use McAfee as fallback), but the reporting is the real win with having a server outside the DMZ.
Food for thought.
I guess you could open Port 80 from off-campus to the EPO server. We have done that for one of our password servers by just opening up the necessary ports off-campus. This will at least reduce the number of outside ports a hacker might scan for.
I build for one of customer's ePO server with publishing to Internet.
By official McAfee, ePO not designed to be connected to Internet (not enough hardened).
In my case, ePO server used for external users, located with private IP address, behind firewall and reverse-proxy (ISA). Users resolve FQDN address of ePO, reach the firewall, forwarded to ISA listener and then forwarded to ePO. I'm not used port 80, but some high port. Of course impossible to make wakeup for clients, but the rest functionality is same like in LAN.