McAfee Epolicy Orchestrator Archistecture

how McAfee ePolicy Orchestrator System design and structure

epo

Each module in ePO architecture as it part in the system, those are the part’s of each module:

McAfee Agent/Common Management Agent

-Framework Service
-Collects properties & events
-Passes information to ePO (Apache) Server
-Receives policy or task changes
-New policy requests are delivered from the Apache policy cache
-Uses a proprietary SPIPE protocol to encapsulate
-ASCI – Agent to Server Communication Interval

Event Parser Service

-Is in charge of parsing incoming events to the Database.
-DAL (Data Abstraction Layer)
-Event Parser Plugin
-Normalizing events
-Common Event Format (CEF)
-Event Receptor AlertER.DLL
-Parses event from the events directory or shared memory through the DAL.
-Parses events through AlertER.dll to send notifications based on policy.

Tomcat

-Console UI – provides your internet browser with a webpage to remotely manage the ePO server
-Reporting – SQUID (Structured Query User Interface)
-Extension Management – allows for modular changes to the ePO platform and Point Products management.
-User Management – Provides user permission and settings for the ePO server and components.
-Notifications – Provides the UI, rule engine and Actions of Notifications.
-Policies – Provides policy management, the UI and point product management.
-System tree management – Provides the UI of the system tree, organization of nodes, tags and policies of those nodes.

Leave a Reply

Your email address will not be published. Required fields are marked *