• In a managed environment in conjunction with ePolicy Orchestrator.
• In an unmanaged environment with a variety of McAfee products.
This guide covers both of these environments.
What the McAfee Agent does
Agent-server communication
During agent-server communication, the agent and server exchange information using a proprietary network protocol used by ePolicy Orchestrator for secure network transmissions.
At each communication, the agent collects its current system properties, as well as any events, and sends them to the server. The server sends any new or changed policies, tasks, and repository list to the agent. The agent then enforces the new policies locally on the managed system.
Agent-server communication can be initiated in four ways:
• Agent-to-server communication interval (ASCI)
• Agent-initiated communication after agent startup
• Agent wake-up calls
• Communication initiated manually from the managed system
Agent-to-server communication interval
The agent-to-server-communication interval (ASCI) is set on the General tab of the McAfee Agent policy pages. This setting determines how often the agent calls into the server for data exchange and updated instructions. By default, the ASCI is set to 60 minutes; the agent checks into the server once every hour.
When deciding whether to modify this policy setting, you must consider your organization’s
threat response requirements, available bandwidth, and the hardware hosting the server. Be aware that ASCI communication can generate significant network traffic, especially in a large network.
In such a case, you may have agents in remote sites connecting over slower network connections. For these agents, you may want to set a less frequent ASCI. The following table lists general ASCI recommendations for common network connection speeds.
Global Threat Condition: Elevated
