Community Help Hub

sw41 · ‎03-26-2021

Does someone have a test tool or tests we can do between a client and the EPO server to see if all of the McAfee components are properly communicating with the EPO server? Some of our endpoints might be in the office where the path is all internal, and some are on remote offices where the path is over the internet. As the network team makes changes, it would be good to have a 1 stop place to test and make sure that what ever paths are needed to use McAfee on the endpoint still works. For example, an endpoint is checking in with MA but will not start encrypting with the log showing timeout issues in one office, but in another office it encrypts fine. The 2 offices go over different firewalls/routers to get to the EPO server and with 1 working, it makes me thing EPO is not the problem but how do I prove the routers/firewalls are??

I am looking for a broader comprehensive test from endpoint to agent handler to EPO server.

Does such exist?

Former Member · ‎03-26-2021

Hello @sw41

Thanks for your post.

You can try doing a EICAR test to see whether the AV is detecting it or not and Agent is sending the information or not.

Also for the Firewall/routers and if something is getting blocked/dropped in that case you can run the Wireshark and check.

Afaik, There is no such tool available from McAfee;.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

cdinet · ‎03-29-2021

Agent communication reports might help indicate a problem too if increasing number of systems start failing to communicate.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

sw41 · ‎03-29-2021

Thanks for the suggestions! I do realize we can go to 20 different places to troubleshoot and see if the agent and all mcafee components are reaching the EPO server, Jump on the "If this then try that otherwise it might be the other" merry go round, but I was looking for the one stop shop utility that would just come up with a pass/fail type result for each communication type between the end point and EPO for all McAfee components. This would be something ran by the 1st level techs who are not network/server/dba/security engineers. It would be a proactive tool to run after the other departments make changes and they ask us the vague question to test to make sure things work instead of finding out 2 days later that machines checking in to EPO can't send events from one office/network but can from another and not being able to pin point it back to the change the team made.

cdinet · ‎03-29-2021

We don't have any such tool. I believe the communication reports might be most effective since if it can't communicate, it also may not be able to send events or get updates, depending on the type failure that is happening.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

troubleshooting the network

Re: troubleshooting the network

Re: troubleshooting the network

Re: troubleshooting the network

Re: troubleshooting the network

Community Help Hub

Join the Community