Specifications
Deleting inactive systems automatically
Most environments are constantly changing, new systems are added and old systems removed. This
creates inactive McAfee Agent systems that, if not deleted, can ultimately skew your compliance reports.
As systems are decommissioned, or disappear because of extended travel, users on leave, or other
reasons, remove them from the System Tree. Removing these systems ensures the reports you run
are returning data on systems that have recently communicated with the McAfee ePO server, not
outdated systems that have not communicated in weeks. An example of a skewed report might be
your DAT report on compliance. If you have systems in your System Tree that have not reported into
the McAfee ePO server for 20 days then they appear as out of date by 20 days and ultimately skew
your compliance reports.
You can of course create a query and report to filter out systems that have not communicated with the
McAfee ePO server in X number of days but it is more efficient to either delete or automatically move
these systems. Most organizations choose a number between 14 and 30 days of no communication to
delete or move systems. For example, if a system has not communicated with the McAfee ePO server
you can delete or move that system to a group in your tree that you can designate as Inactive Agents.
There is already a preconfigured task that is disabled by default that you can edit and enable on your
server.
Edit and enable the Inactive Agent Cleanup server task.
Server tasks
Deleting inactive systems automatically
10
McAfee
®
ePolicy Orchestrator
®
4.0 and 4.5 Best Practices Guide
77