1. Manuals
  2. Brands
  3. McAfee Manuals
  4. Software
  5. EPOLICY ORCHESTRATOR 4.0.2 -
  6. Product manual

How Detected Systems Are Matched And Merged; Rogue System Detection States - McAfee EPOLICY ORCHESTRATOR 4.0.2 Product Manual

Hide thumbs
Table of Contents

Advertisement

Detecting Rogue Systems

How detected systems are matched and merged

a mixed environment. A sensor installed on a DHCP server will not report on systems covered
by that server if the system uses a static IP address.
How detected systems are matched and merged
When a system connects to your network, Rogue System Detection automatically checks the
ePO database to determine whether the incoming system is new or corresponds to a previously
detected system. If the system has been previously detected, Rogue System Detection matches
it to the existing record in the ePO database automatically. When a detected system is not
matched automatically, you can manually merge the system with an existing detected system.
Matching detected systems
Automatic matching of detected systems is necessary to prevent previously detected systems
from being identified as new systems on your network. By default, systems are first matched
against an agent's unique ID. If this unique ID does not exist, the ePO database uses attributes
specified in the Rogue System Matching server settings. You can specify which attributes the
database uses for matching, based on which attributes are unique in your environment.
If a system on your network has multiple NICs, each system interface can result in separate
detections. You can specify how the system interfaces are matched in the same manner used
for specifying the matching of detected systems.
Merging detected systems
When the ePO server cannot automatically match detected systems, you can merge them
manually. For example, the ePO server might not be able to match a detected system interface
generated by a system with multiple NICs based on the matching attributes you have specified.
For more information, see Merging detected systems .

Rogue System Detection states

Rogue System Detection categorizes systems, sensors and subnets on your network with
different states to make monitoring and managing your network easier. These states determine
the following:
• Overall system status
• Rogue System Sensor status
• Subnet status
192
McAfee ePolicy Orchestrator 4.0.2 Product Guide

Advertisement

Table of Contents
loading

Related Manuals for McAfee EPOLICY ORCHESTRATOR 4.0.2

Related Content for McAfee EPOLICY ORCHESTRATOR 4.0.2

Table of Contents