cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Blason_R
Silver

Updates over internet for remote agents

Hi Team,

I believe if emote agents needs to communicate with Management server I guess I need to use FQDN right? Or how agents will come to know the public IP address which is natted IP for EPM server over the internet? And which is best method to be used FQDN or Public IP?

4 Replies
Employee
Employee

Re: Updates over internet for remote agents

Endpoint Security clients communicate with the Management server by IP address.

You can follow sk112099 in the support center to allow access to the server using NAT:

Allowing access to Endpoint Security Management and Policy Server using its NAT address

0 Kudos
Blason_R
Silver

Re: Updates over internet for remote agents

Hide nat? does that mean connection from Remote agents wont be coming in to fetch policy? Or is it just a push from EPM server to clients? And how about logs at remote agents, seems that means those wont be stored on EPM server if user is remote and not in network?

0 Kudos
Cody_Ray
Iron

Re: Updates over internet for remote agents

I have to agree.  I'm not sure how this works from the agent side and how they recognize the public IP/FQDN by simply adding a NAT statement to the Policy Server object?

0 Kudos
Cody_Ray
Iron

Re: Updates over internet for remote agents

I have discovered a slightly more detailed answer.  The article is describing Azure deployment but it seems to address the NAT in more detail.

sk118133

Configure a Network Address Translation (NAT) rule in SmartDashboard in order to add the public IP address of the deployed machine to the supported servers list. This step is needed in order to make the Endpoint Security Server available outside the Azure network environment. 

  1. Login to the Smart Endpoint Console.
  2. Select 'File > Manage > Endpoint Servers'.
  3. Highlight the NAT object and select "Edit", click "Next", then "Next" again.
  4. At this point, make sure the "Install Database Checkmarks" are all selected and select "Finish".
  5. After the Install Database completes you should install policy. You should see that your General Properties has updated and that the server list will be updated in the install policy window.

I think this more adequately describes how the clients are updated with the server listing (which should reflect the public IP)

0 Kudos