Manualshelf

Specifications

ManualsBrandsMcAfee ManualsOtherENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE
31323334353637383940
4
Agent Handlers
Agent Handlers co-ordinate work between themselves and the McAfee ePO server that communicates
with the remote Agent Handlers. Agent Handlers use a work queue in the SQL database as their
primary communication method. The Agent Handlers check the work queue frequently and perform
the requested action.
Agent Handlers overview
Users have many questions about Agent Handlers and they are answered in the McAfee Agent
Handlers white paper.
In ePolicy Orchestrator 4.0 and earlier versions, there was a single McAfee ePO server that agents
could connect to and receive policy and task updates. Since the McAfee ePO server was responsible for
handling every agent connecting to it, there was a limitation on the deployment size a McAfee ePO
server could handle. A single McAfee ePO server could scale:
Vertically using bigger and faster hardware
Horizontally using more servers to distribute the load
Agent Handlers were introduced in ePolicy Orchestrator 4.5 to allow you to grow your logical ePolicy
Orchestrator infrastructure horizontally, adding multiple Agent Handlers to scale agent connectivity.
Agent Handlers allow you:
To scale your McAfee ePO server if it is overloaded handling the agent request volume
Fail-over protection if you want agents to fail over between multiple physical servers and you do
not want to cluster the McAfee ePO server
To use topology features to manage your systems behind a Network Address Translation (NAT) or
in an external network
The Agent Handler must have a high bandwidth connection to the central
ePolicy Orchestrator database.
To understand what Agent Handlers do, it's important that you also understand their limitations. Agent
Handlers require constant communication back to the SQL database that ePolicy Orchestrator uses.
They check the McAfee ePO server database work queue approximately every ten seconds to find what
tasks they need to perform. This is one of the reasons that each Agent Handler needs a relatively high
speed, low latency connection to the database.
Do not use Agent Handlers to replace repositories. A repository is a simple file share meant to keep
update traffic local. While an Agent Handler has repository functionality built in, it has much more
intelligence and requires constant communication back to the SQL database. This constant
communication can saturate the WAN link.
4
McAfee
®
ePolicy Orchestrator
®
4.0 and 4.5 Best Practices Guide
35