Automating and optimizing McAfee ePO workflow

You can create queries and tasks to automatically run for improved server performance, easier maintenance, and to monitor threats.

Note: When you change a policy, configuration, client or server task, automatic response, or report, export the settings before and after the change.

Best practice: Find systems with the same GUID
You can use preconfigured server tasks that run queries and target systems that might have the same GUIDs.

Best practices: Purging events automatically
Periodically purge the events that are sent daily to your McAfee ePO server. These events can eventually reduce performance of the McAfee ePO server and SQL Servers.

Best practice: Creating an automatic content pull and replication
Pulling content daily from the public McAfee servers is a primary function of your McAfee ePO server. Regularly pulling content keeps your protection signatures up to date for McAfee products.

Best practices: Filtering 1051 and 1059 events
1051 and 1059 events can make up 80 percent of the events stored in your database. If enabled, make sure that you periodically purge these events.

Best practice: Finding systems that need a new agent
If you suspect some of your managed systems might not have the same McAfee Agent installed, perform these tasks to find the systems with the older agent versions, then select those systems for a McAfee Agent upgrade.

Finding inactive systems: best practice
Most environments are changing constantly: new systems are added and old systems removed. These changes create inactive McAfee Agent systems that, if not deleted, can ultimately skew your compliance reports.

Measuring malware events best practice
Counting malware events provides an overall view of attacks and threats being detected and stopped. With this information, you can gauge the health of your network over time and change it as needed.

Finding malware events per subnet: best practice
Finding threats by subnet IP address shows you whether a certain group of users needs process changes or additional protection on your managed network.

Create an automatic compliance query and report best practice
You can create a compliance query and report to find which of your managed systems meet specific criteria.