How Agent Handlers work

Agent Handlers distribute network traffic generated by agent-server communication by directing managed systems or groups of systems to report to a specific Agent Handler. Once assigned, a managed system communicates with the assigned Agent Handler instead of with the main McAfee ePO server.

The handler provides updated sitelists, policies, and policy assignment rules, just as the McAfee ePO server does. The handler also caches the contents of the Master Repository, so that agents can pull product update packages, DATs, and other needed information.

Note: If the handler doesn't have the updates needed when an agent checks in, the handler retrieves them from the assigned repository and caches them, while passing the update through to the agent.

This diagram shows some of the typical connections between Agent Handlers, the McAfee ePO server, and the McAfee ePO SQL Server.

Agent Handlers in an enterprise network


In this diagram, all Agent Handlers:

  • Are connected to the McAfee ePO SQL Server using low-latency high-speed links
  • Are located close to the database they write to
  • Have failover configured between Agent Handlers
  • Are managed from the McAfee ePO server

The Agent Handlers in these cities have specific configurations.

Note: A low-latency high-speed link's round-trip latency must be less than about 10 ms. Use the Windows tracert command to confirm the round-trip time (RTT) from the Agent Handler to the McAfee ePO SQL Server.
  • Boston — The Agent Handler for Boston is configured with failover support to the Agent Handler for Philadelphia.
  • Philadelphia — The two Agent Handlers have load balancing configured.
  • Washington DC — The Agent Handler uses specific ports to connect to the McAfee ePO server from behind a firewall.

The Agent Handler must be able to authenticate domain credentials. Or the Agent Handler uses SQL authentication to authenticate to the database. For more information about Windows and SQL authentication, see the Microsoft SQL Server documentation.

For more information about changing authentication modes, see the Microsoft SQL Server documentation. If you do, you must also update the SQL Server connection information.

Run the query Systems per Agent Handler to display all Agent Handlers installed and the number of agents managed by each Agent Handler.

When an Agent Handler is uninstalled, it is not displayed in this chart. If an Agent Handler assignment rule exclusively assigns agents to an Agent Handler and if that Agent Handler is uninstalled, it is displayed in the chart with Uninstalled Agent Handler and the number of agents still trying to contact this Agent Handler.

If the Agent Handlers are not installed correctly, then the Uninstalled Agent Handler message is displayed which indicates that the handler cannot communicate with particular agents. Click the list to view the agents that cannot communicate with the handler.

Multiple Agent Handlers

You can have more than one Agent Handler in your network. You might have many managed systems spread across multiple geographic areas or political boundaries. Whatever the case, you can add an organization to your managed systems by assigning distinct groups to different handlers.