McAfee EPOLICY ORCHESTRATOR 4.5 Product Manual page 48

Hide thumbs Also See for EPOLICY ORCHESTRATOR 4.5:

Installation manual (30 pages)

Release note (10 pages)

Supplement manual (15 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

page of 298

/ 298
Contents
Table of Contents
Bookmarks

Table of Contents

Configuring ePolicy Orchestrator

Security keys and how they work

Task

For option definitions, click ? in the interface.

Click Menu | Configuration | Server Settings, select Security Keys from the Setting

Categories list, then click Edit. The Edit Security Keys page appears.

Next to the Agent-server secure communication keys list, click New Key. In the

dialog box, type the name of the security key.

If you want existing agents to use the new key, select the key in the list, then click Make

Master.

Agents 3.6 and later begin using the new key at the first agent-server communication after

their next update task is complete. For earlier versions of the agent, you must run a client

product update task to push down the new key, using the agent updater 3.5.5 that is in

the master repository.

CAUTION:

performed only when you have specific reason to do so. McAfee recommends performing

this procedure in phases so you can more closely monitor progress.

After all agents have stopped using the old key, delete it.

In the list of keys, the number of agents currently using that key is displayed to the right

of every key.

Back up all keys.

Designating an ASSC key pair as the master

Use this task to change which key pair, listed in the Agent-server secure communication

keys list, is specified as the master. Do this after importing or generating a new key pair.

Task

For option definitions, click ? in the interface.

Click Menu | Configuration | Server Settings, select Security Keys from the Setting

Categories list, then click Edit. The Edit Security Keys page appears.

From the Agent-server secure communication keys list, select a key , then click Make

Master.

Create an update task for the agents to run immediately, so that agents update after the

next agent-server communication.

NOTE:

Ensure that the agent key updater package is checked in to the master repository

and has been replicated to all distributed repositories that are managed by ePolicy

Orchestrator. Agents begin using the new key pair after the next update task for the agent

is complete. At any time, you can see which agents are using any of the agent-server

secure communication key pairs in the list.

Back up all keys.

Using the same ASSC key pair for all servers and agents

Follow this process to ensure that all ePO servers and agents use the same agent-server secure

communication (ASSC) key pair.

McAfee ePolicy Orchestrator 4.5 Product Guide

In large installations, generating and using new master key pairs should be

Table of Contents

McAfee EPOLICY ORCHESTRATOR 4.5 Product Manual page 48

Related Manuals for McAfee EPOLICY ORCHESTRATOR 4.5

Related Products for McAfee EPOLICY ORCHESTRATOR 4.5

Table of Contents