McAfee Tuesday announced a redesigned version of its management console ePolicy Orchestrator (ePo) used for a wide variety of security tasks, including endpoint and server protection updates.
The 4.5 version of ePO software is based on a new architecture intended to more efficiently manage updates, policy changes and other security-management tasks associated with endpoints and servers that have McAfee's security agent software on it.
The new three-tier architecture introduces a server-based "agent handler" that is under the control of the primary ePO console. The ePO agent handler is deployed to update ePO-managed machines in locations far from the main ePO management console.
Although the older version of ePO is scalable up to about 500,000 nodes, the problem has been that enterprises found they were deploying multiple ePO servers and the related security-management databases in multiple locations around the world, says Matt Fairbanks, senior vice president products and solution marketing at McAfee.
The three-tier architecture lets security managers deploy a more lightweight ePO agent handler at various locations under the central control of the common ePO manager instead.
"If you move to Tokyo from London for a month, that agent handler will get you get the signature updates and security policies," Fairbanks says.
The agent-handler architecture is an option in ePO 4.5, but McAfee is recommending enterprises, especially large or geographically distributed ones, make use of this three-tier architecture because McAfee predicts they'll see bandwidth savings and less need for server hardware (the handler agent is said to be far less resource-intensive than the main ePO console software).
Another design change in ePO v. 4.5 is that ePO can keep track of Windows-based credentials so that an appropriate security profile for the user can be based not just on the machine, but the individual user, Fairbanks says. "Now EPO knows it's you by your windows log-in," says Fairbanks. This will set better controls for everything from data-loss prevention policies to signature updates, he said.
Also, ePO 4.5 ships out of the box fully integrated with help desk products that include BMC's Remedy and HP OpenView; previously, more laborious integration work was required, Fairbanks says. A new automation feature in ePO 4.5 also allows security managers to tag machines, such as a SQL server for example, to make sure it receives specific security protections, for instance host intrusion-prevention software.