Rogue systems and your network

Rogue systems access your network, but are not managed by McAfee ePO. Even in a managed network environment, some systems might not have an active McAfee Agent on them.

Any device on your network with a network interface card (NIC) also appears as a rogue system. On systems with multiple NICs, each resulting interface is identified as a separate system. When these interfaces are detected, they appear as multiple rogue systems. You can specify the steps McAfee ePO takes when multiple interfaces are detected in the same way that you specify remediation steps for other detected rogue systems.

Rogue System Detection interface and system definitions

For Rogue System Detection, each of these terms has a unique meaning. Do not use them interchangeably.

  • InterfaceRogue System Detection binds to an interface. Systems can have multiple interfaces because they have multiple NIC cards, or because they connected to multiple subnets and the same NIC is given multiple IP addresses.
  • System — In Rogue System Detection, a system has a specific DNS Name and OS Platform, which appears in the Detected Systems Details.
    Note: Each system can have multiple interfaces in the Detected System Interfaces list.