URL: https://kcm.trellix.com/corporate/index?page=content&id=KB59218&locale=zh_TW
HOW TO USE EPOLICY ORCHESTRATOR IN A DMZ OR NAT ENVIRONMENT

Technical Articles ID: KB59218
Last Modified: 2022/11/30


--------------------------------------------------------------------------------


ENVIRONMENT

ePolicy Orchestrator (ePO) 5.x


SUMMARY

This article describes how to use ePO in a Demilitarized Zone (DMZ) or
with Network Address Translation (NAT) in the environment.


PROBLEM

Trellix Agent can't communicate with the ePO server in a DMZ or NAT environment.
Two-way communications have been allowed between the ePO server and the DMZ
server, but the Agent still does not communicate with the ePO server.

NOTE: McAfee Agent was rebranded to Trellix Agent in version 5.7.7.


SOLUTION 1

Agent-to-server communication is supported over NAT, but agent wake-up calls do
not work over NAT.

Recommendations:
 * To manage the external clients, install an ePO Server or Agent Handler in the
   DMZ.
 * To manage only the internal network clients, install an ePO Server or Agent
   Handler in the internal network.

Make sure that the following ports are opened on the firewall. These ports allow
agent communication to the ePO server in the DMZ for the internal and external
clients:
 * 443/80 (For the external clients only, incoming connections to ePO/Agent
   Handlers) – agent-to-server port (listed as ServerHttpPort in
   the EPOServerInfo in ePO)

IMPORTANT: You can open port 443/80 on the firewall for incoming connections to
ePO or Agent Handlers from the external network only. This arrangement allows
only the external clients to communicate with the ePO Server or Agent Handlers
in the DMZ. This change is not a major network security consideration, because
the internal network is still locked down from receiving communications from
external clients on this port.
 
For Trellix Agent 5.x, incoming connections to ePO/Agent Handlers occur on port
443 only in the DMZ.

Other ports in use:
 * 8443 (open from the internal network to the DMZ, if using Rogue System
   Detection): Console-to-Application Server communication port (listed
   as RmdSecureHttpPort in the EPOServerInfo table for ePO).
 * 8444 (open from the internal network to the DMZ, if using Rogue System
   Detection): Sensor-to-Server communication port (listed
   as SensorSecureHttpPort in the EPOServerInfo table for ePO).
 * 8801 (open from the internal network to the DMZ, if using the Advanced
   Research Center threats download functionality): Security Threats HTTP port
   (listed as AVERTAlertsPort in the EPOAvertSettings table for ePO).
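As an added example (not Trellix code), the following script checks a firewall rule set against the port matrix above: external clients must reach the DMZ on the agent-to-server port, the internal network must reach the DMZ on 8443/8444 (Rogue System Detection) and 8801 (threat download) when those features are in use, and the internal network must stay closed to external clients on the agent port. Zone names and the sample rule set are constructed.

```python
"""Verify firewall rules against the ePO-in-DMZ port list from Solution 1.

Each rule is (source_zone, destination_zone, port). The zone names
"external", "dmz" and "internal" are assumptions for this example.
"""

# The article lists 443/80 as the agent-to-server port (ServerHttpPort);
# either port satisfies that requirement here.
AGENT_PORTS = (443, 80)


def required_flows(rsd_enabled: bool, threat_feed_enabled: bool):
    """Build the (src, dst, ports, label) tuples the article calls for."""
    flows = [("external", "dmz", AGENT_PORTS, "ServerHttpPort")]
    if rsd_enabled:  # Rogue System Detection console and sensor ports
        flows.append(("internal", "dmz", (8443,), "RmdSecureHttpPort"))
        flows.append(("internal", "dmz", (8444,), "SensorSecureHttpPort"))
    if threat_feed_enabled:  # Advanced Research Center threat download
        flows.append(("internal", "dmz", (8801,), "AVERTAlertsPort"))
    return flows


def missing_flows(rules, rsd_enabled=True, threat_feed_enabled=True):
    """Return a description of every required flow with no allow rule."""
    allowed = {(src, dst, port) for src, dst, port in rules}
    missing = []
    for src, dst, ports, label in required_flows(rsd_enabled, threat_feed_enabled):
        if not any((src, dst, p) in allowed for p in ports):
            missing.append(f"{src}->{dst} {'/'.join(map(str, ports))} ({label})")
    return missing


def exposes_internal(rules):
    """Rules that let external clients reach the internal zone on the agent
    port; the article says the internal network must stay locked down."""
    return [r for r in rules
            if r[0] == "external" and r[1] == "internal" and r[2] in AGENT_PORTS]


# Constructed sample: external agents reach the DMZ on 443, the internal
# network reaches the DMZ for RSD, but the 8801 threat-download rule is missing.
SAMPLE_RULES = [
    ("external", "dmz", 443),
    ("internal", "dmz", 8443),
    ("internal", "dmz", 8444),
]

if __name__ == "__main__":
    for flow in missing_flows(SAMPLE_RULES):
        print("missing:", flow)
    print("internal exposed on agent port:", exposes_internal(SAMPLE_RULES))
```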


SOLUTION 2

This solution is an alternative if Solution 1 is unacceptable and the ePO server
resides only on the internal network.

Make sure that the Hosts file on the DMZ Server includes a route to the IP
address of the ePO server. Then modify the server.ini file as follows. This
change causes all internal network computers to use either the DNS name or
NetBIOS name to communicate with the ePO server. Only the computers in the DMZ
can communicate with the ePO server using the IP address after this change.
 1. In Windows Explorer, navigate to: ...\Program Files\McAfee\ePolicy
    Orchestrator\DB.
 2. Double-click server.ini.
 3. Append the following lines to the end of the file:

    ServerDNSName=<Fully qualified domain name of the DMZ server>
    ServerIPAddress=<IP address of the DMZ server>

 4. Click File, Save.
 5. Restart the following ePO services:
    a. Press Windows+R, type services.msc, and click OK.
    b. Right-click the following services and select Restart:

       McAfee ePolicy Orchestrator x.x.x Server
       McAfee ePolicy Orchestrator x.x.x Event Parser
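As an added example (not Trellix code), the script below applies the server.ini change from Solution 2 so that it is safe to run more than once, and checks that the DMZ server's hosts file maps the ePO server's name to its IP address. It assumes server.ini is a plain key=value file, which is how the steps above have you append the two keys; the file contents, names and addresses are constructed.

```python
"""Idempotent server.ini edit and hosts-file check for the DMZ setup."""
import ipaddress

KEYS = ("ServerDNSName", "ServerIPAddress")


def set_server_keys(ini_text: str, dns_name: str, ip: str) -> str:
    """Return ini_text with ServerDNSName and ServerIPAddress set exactly once.

    Blindly appending the two lines every time the procedure is run would
    leave duplicate keys, so existing occurrences are rewritten in place and
    only missing keys are appended at the end, as the article describes.
    """
    ipaddress.ip_address(ip)  # raises ValueError for a malformed address
    wanted = {"ServerDNSName": dns_name, "ServerIPAddress": ip}
    out, seen = [], set()
    for line in ini_text.splitlines():
        key, sep, _ = line.partition("=")
        key = key.strip()
        if sep and key in wanted:
            if key in seen:
                continue  # drop a duplicate left by an earlier run
            seen.add(key)
            out.append(f"{key}={wanted[key]}")
        else:
            out.append(line)
    for key in KEYS:
        if key not in seen:
            out.append(f"{key}={wanted[key]}")
    return "\n".join(out) + "\n"


def hosts_resolves(hosts_text: str, fqdn: str, ip: str) -> bool:
    """True if the hosts file maps fqdn to ip (comments ignored, case-insensitive)."""
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == ip:
            if fqdn.lower() in (h.lower() for h in fields[1:]):
                return True
    return False


# Constructed sample files: a server.ini that already carries a stale
# ServerDNSName, and a DMZ hosts file pointing at the internal ePO server.
SAMPLE_INI = "[Server]\nServerHttpPort=443\nServerDNSName=old.example.test\n"
SAMPLE_HOSTS = "# constructed hosts file\n10.0.5.20  epo.corp.example.test  # ePO\n"

if __name__ == "__main__":
    print(set_server_keys(SAMPLE_INI, "dmz.example.test", "192.0.2.10"))
    print(hosts_resolves(SAMPLE_HOSTS, "epo.corp.example.test", "10.0.5.20"))
```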




RELATED INFORMATION

See also the following NAT-related issues:
 * KB58747 – Failed to connect to ePO:port, network error was 10061
   Describes an issue where ePO does not resolve the IP address of the
   SuperAgent. Instead, it uses the IP address given by the agent during
   installation.
 * KB58818 – ePolicy Orchestrator server can't perform an agent wake-up call to
   a VPN client
   Describes an issue where the ePO server can't perform an agent wake-up call
   to a VPN client.





AFFECTED PRODUCTS

 * Configuration
 * ePolicy Orchestrator 5.10.x
