Specifications
How Global Updates works
If the McAfee ePO server is scheduled to pull the latest DATs from the McAfee website at 2 p.m.
Eastern time, and it changes the master repository, which is always the McAfee ePO server, the server
automatically starts to replicate the DATs to all your distributed repositories.
The Global Updates process works like this:
1
Content or packages are checked in to the master repository.
2
The McAfee ePO server performs an incremental replication to all distributed repositories.
3
The McAfee ePO server issues a SuperAgent wake-up call to all SuperAgents in the environment.
4
The SuperAgent broadcasts a global update message to all agents within the SuperAgent subnet.
5
Upon receipt of the broadcast, the agent is supplied with a minimum catalog version needed.
6
The agent searches the distributed repositories for a site that has this minimum catalog version.
7
Once a suitable repository is found, the agent runs the update task.
A common mistake users make with a large environment and where bandwidth is critical is thinking
they should have Global Updating enabled to make sure they receive their DATs quickly. These users
enable Global Updates and everything works fine. But, eventually McAfee releases an update to its
VirusScan Enterprise engine which can be several megabytes compared to the 200 Kb DAT files.
Engine updates typically occurs twice per year. McAfee posts the new engine to the public site and the
McAfee ePO server pulls it down and starts replicating it to the distributed repositories and starts
waking up agents to receive the new engine immediately. This can saturate your WAN links and roll
out an engine that you would preferred to upgrade in a staged release.
Repositories
Global updates
3
McAfee
®
ePolicy Orchestrator
®
4.0 and 4.5 Best Practices Guide
33