Manualshelf

Specifications

ManualsBrandsMcAfee ManualsOtherENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE
51525354555657585960
Dynamically sorting your machines
To dynamically sort your machines into your ePolicy Orchestrator System Tree use a combination of
system criteria, such as machine name or IP address, to dynamically move machines into their
appropriate group in your ePolicy Orchestrator System Tree.
This requires you to create some basic groups for your tree structure. For smaller organizations your
tree might not be that complex and contain only a few groups. For larger organizations you could
create the following building blocks and assess the pros and cons of a few designs:
GEO — Geographic location
NET — Network location
BU — Business unit
SBU — Sub business unit
FUNC — Function of the system (web, SQL, app server)
CHS — Chassis (server, workstation, laptop)
After you decide on the basic building blocks for groups in the tree you need to determine which
building blocks to use and in which order based on the following factors:
Policy Assignment — Will you have many different custom product policies to assign to groups
based on chassis or function? Will certain business units require their own custom product policy?
Network Topology — Do you have sensitive WANs in your organization that can never risk being
saturated by a content update? Or do you only have major locations and this is not a concern?
Client Task Assignment — When it comes time to create a client task, such as an on-demand
scan, will you need to do it at a group level, such as a business unit, or system type, like a web
server?
Content Distribution — Will you have an agent policy that specifies certain groups must go to a
specific repository for content?
Operational Controls — Will you need specific rights delegated to your ePolicy Orchestrator
administrators that will allow them to administer specific locations in the tree?
Queries — Will you need many options when filtering your queries to return results from a specific
group in the System Tree. This is another factor that may be important when designing your tree.
After you choose the basics for your tree structure, create a few sample trees and look at the pros and
cons of each design. There is no right way or wrong way to build your tree, just pluses and minuses
depending on what you choose. Following are a few of the most common tree designs users tend to use:
GEO -> CHS -> FUNC
NET -> CHS -> FUNC
GEO -> BU -> FUNC
The following example is an example of GEO -> CHS -> FUNC, or geographic location, chassis, and
function.
7
Organizing your System Tree
Dynamically sorting your machines
52
McAfee
®
ePolicy Orchestrator
®
4.0 and 4.5 Best Practices Guide