200 likes | 337 Views
McAfee and SCCM management overview and options. Research meeting February 24 th , 2011. Introductions. Manuela Stoyanov - manager Rick Burrows – team lead David Nguyen – senior engineer CID – Client Infrastructure Design Client (desktops and notebooks) Imaging
E N D
McAfee and SCCM management overview and options Research meeting February 24th, 2011
Introductions • Manuela Stoyanov - manager • Rick Burrows – team lead • David Nguyen – senior engineer • CID – Client Infrastructure Design • Client (desktops and notebooks) Imaging • Client Management – AV, SCCM • Client agents, integration, customizations and development
AV - Existing McAfee infrastructure • One EPO (ePolicy Orchestrator) server and one dedicated SQL server to house the database • Six distribution points for DAT(Signature) files and McAfee product updates • Forty six thousand Windows based clients • Daily DAT updates after 6 PM • EPO server version 4.5 • McAfee VirusScan Enterprise 8.7i with patch 3 • McAfee ePO agent 4.0 with patch 3
Server Load - Existing Options • Support for Windows clients • Support for Macintosh clients • Licensed for 2,000 Macintosh clients The data in the following chart and tables shows how many client systems each type of server can manage, with a required response time. For each server class, McAfee provides recommendations for 2, 4 and 8 processor server. The response time is in hours for each server, according to the number of supported client systems. https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/22000/PD22426/en_US/epo_450_hardwarebandwidth_guide_en-us.pdf
Number of client systems that can be managed by number of processors
Support Considerations • CID will deliver updates to research clients with agents connecting to the existing infrastructure – impact on testing cycles; user interaction and server load? • Select the appropriate options for deployment • Changes to infrastructure ? • Follow the established phased cycle of test and deploy • Dedicated contacts for the test cycles • Versions of MAC OS supported
Products for Mac • McAfee for Mac Version 9.0 • End point protection • McAfee Agent 4.0 • Policy management
System Requirements for Macintosh Support • McAfee VirusScan for Mac • Apple Mac OS X v.10.6 (Snow Leopard) or later • Apple Mac OS X v.10.5 (Leopard) or later • Apple Mac OS X v.10.4 (Tiger) or later • Intel or PowerPC-based Mac • 1 GB RAM or higher • Minimum 300 MB of free disk space
Future View • Anti-virus evaluation project launched in January 2011 to select a new vendor by end of 2011 • McAfee, Symantec, Microsoft – top AV leaders • McAfee is the PHS encryption vendor as well • Considerations
SCCM Overview • The current SCCM architecture supports 49,000 Windows based clients and is designed to scale up to 75,000
Current State • 43,000 clients in CID collections • 50,000 total clients in inventory • Current architecture can support up to 75,000 clients • Room to grow to 100,000 clients • Features currently in use • Inventory (Software and Hardware) • Software Metering • DCM compliance • Patching • Remote control via Citrix • Asset Intelligence • SQL reporting services for SCCM reports
SCCM Architecture Adapted for Research Option 1 • Current architecture can accommodate research devices with few changes • New Management and Software update point must be added • Windows devices would be treated like current patch clients • Patches deployed on the Friday after patches are released
SCCM Architecture Adapted for Research Option 2 • Research only implementation is possible • It would require approximately 10 servers • Management and administration of patch process would be controlled by research
Additional Platform Support Considerations • SCCM only supports Windows clients and software out of the box • There are 3rd party products to support other platforms and software • Linux • Macintosh • Adobe products
Additional Platform Support Considerations • Linux and Macintosh clients do not have a patch agent • Patches would be pushed as software delivery tasks • 3rd party software delivery mechanism would depend on platform • Windows clients see it as a patch • Linux and Macintosh clients as a software delivery task
Power Management Power management of personal computers has the potential to save significant amount of electricity as well as deliver other economic and environmental benefits
Next Steps • Select the appropriate options for deployment • Changes to infrastructure • Phased cycle of test and deploy • Dedicated contacts for the test cycles