Table of Contents
Advertisement
Organizing Systems for Management
How a system is first placed in the System Tree
Tag-based sorting criteria
In addition to using IP address information to sort systems into the appropriate group, you can
define sorting criteria based on the tags assigned to systems.
Tag-based criteria can be used with IP address-based criteria for sorting.
Group order and sorting
To provide additional flexibility with System Tree management, you can configure the order of
a group's subgroups, and therefore the order by which they are considered for a system's
placement during sorting. When multiple subgroups have matching criteria, changing this order
can change where a system ends up in the System Tree.
Additionally, if you are using catch-all groups, they must be the last subgroup in the list.
Catch-all groups
Catch-all groups are groups whose sorting criteria is set to All others on the Sorting Criteria
page of the group. Only subgroups at the last position of the sort order can be catch-all groups.
These groups receive all systems that sorted into the parent group, but did not sort into any
of the catch-all's peers.
How a system is first placed in the System Tree
When the agent communicates with the server for the first time, the server uses an algorithm
to place the system in the System Tree. When it cannot find any location for a system, it puts
the system in the Lost&Found group.
At the first agent-server communication
On each agent-server communication, the server attempts to locate the system in the System
Tree by agent GUID (only systems whose agents have already called into the server for the
first time have an agent GUID in the database). If a matching system is found, it is left in it's
existing location.
If a matching system is not found, the server uses an algorithm to sort the systems into the
appropriate groups. Systems can be sorted into any criteria-based group in the System Tree,
no matter how deep it is in the structure, as long as each parent group in the path does not
have non-matching criteria. Parent groups of a criteria-based subgroup must either have no
criteria or matching criteria.
Remember, the order subgroups are placed the Group tab, determines the order subgroups
are considered by the server when it searches for a group with matching criteria.
1
The server searches for a system without an agent GUID (its agent has never called in
before) with a matching name in a group with the same name as the domain. If found,
the system is placed in that group. This can happen after the first Active Directory or NT
domain synchronization, or when you have manually added systems to the System Tree.
2
If a matching system is still not found, the server searches for a group of the same name
as the domain from which the system originates. If such a group is not found, one is created
under the Lost&Found group, and the system placed there.
3
Properties are updated for the system.
McAfee ePolicy Orchestrator 4.0.2 Product Guide
47
Advertisement
Table of Contents
