Beruflich Dokumente
Kultur Dokumente
Indrajit Majumder
Agenda
What is Repository ?
Component of Repository ?
Source Repository ( McAfee Updates.ini sites).
Master Repository ( NIC-800000-EPO1 placed in Head Office).
Distributed Repository ( in 24 Regional Offices).
Clients Machines ( In all over Operating Offices).
Source Repository
The Master Repository distribute (PUSH) all the packages to the Distributed
Repository. (Schedule from 5:00 AM to 9:00 AM)
Normally Clients download new policies from ePO Server ( NIC-800000-EPO1) , and
SDAT from Distributed Repository.
Repository Flow Chart
Rogue Sensor System
In NIC Rogue Sensor are placed on Genisys Server of each Operating office. It
detect all the rogue machines in there network and send report to ePO Server( NIC-
800000-EPO1) placed in HO.
HOW IT WORKS ?
The Sensor is a small WIN32 native executable application. We deploy at least one
sensor to each broadcast segment. The sensor run on any NT-based Windows
operating system.
To detect system on the network, the sensor utilize WinPCap , an open source
packet capture library. Using WinPCap , the rogue system detection sensor captures
network layer two broadcast packets sent by computers connected to the same
network broadcast segment.
Rogue Sensor System ( cont…)
The sensor listens for Address Resolution Protocol (ARP) , Reverse Address
Resolution Protocol (RARP) , and IP traffic.
The sensor is able to “listen” to the broadcast traffic of all that part of the network.
Like Rogue computers , Printer , router , Switch and all other devices.
The Rogue sensor system gather all information includes DNS name ,IP, MAC
Address, NetBIOS name , Operating system version , and list of currently logged-in
users . And after that send all those information to ePO Server sensor that is
NIC-800000-EPO1 placed in HO.
The Sensor-to-Server communication Port is : 8444
Rogue Sensor System ( cont…)
Rogue Sensor System ( cont…)
Rogue Sensor System ( cont…)
Rogue Sensor System ( cont…)
INSTALLATION
Uninstallation.
ePO Agent Installation
Double Click on
Setupvse.exe” .
Click OK.
Update of VirusScan Enterprise
ePO Agent and Virus Scan Enterprise Symbol must be shown in the Task bar.
On- Access Scan must be enabled.
Super DAT Of McAfee Virus Scan Enterprise must be updated. User can check latest
Version of Super DAT from FTP:// 10.80.0.25/ domain join/ MacAfee-Package . Or
HTTP://10.X.0.3/epo/Current/VSCANDAT1000/DAT/0000/dat ( Where X = Regional
office code ) .
ePO Agent of client machines must communicate with NIC-800000-EPO1 ( main
server ) Properly. At least once in a day click-on “Collects and send Properties” of
ePO Agent.
ePO Agent and Virus Scan Enterprise must be taking updates from there respective
Regional Office only.
User should scan there computer completely at least once in a week.