McAfee EPOCDE-AA-BA Product Guide - Page 188
Supported package types, Package signing and security, Package type, Description, Origination
View all McAfee EPOCDE-AA-BA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 188 highlights
16 Using tasks to manage products and systems Deployment packages for products and updates These package types can be checked in to the master repository with pull tasks, or manually. Supported package types Package type SuperDAT (SDAT.exe) files File type: SDAT.exe Supplemental detection definition (ExtraDAT) files File type: ExtraDAT Product deployment and update packages File type: zip Agent language packages File type: zip Description Origination The SuperDAT files contain both DAT and engine files in one update package. If bandwidth is a concern, McAfee recommends updating DAT and engine files separately. McAfee website. Download and check SuperDAT files in to the master repository manually. The ExtraDAT files address one or more specific threats that have appeared since the last DAT file was posted. If the threat has a high severity, distribute the ExtraDAT immediately, rather than wait until that signature is added to the next DAT file. ExtraDAT files are from the McAfee website. You can distribute them through ePolicy Orchestrator. Pull tasks do not retrieve ExtraDAT files. McAfee website. Download and check supplemental DAT files in to the master repository manually. A product deployment package contains the installation software of a McAfee product. Product CD or downloaded product zip file. Check product deployment packages in to the master repository manually. For specific locations, see the documentation for that product. An agent language package contains files necessary to display agent information in a local language. Master repository - Checked in at installation. For future versions of the agent, you must check agent language packages into the master repository manually. Package signing and security All packages created and distributed by McAfee are signed with a key pair using the DSA (Digital Signature Algorithm) signature verification system, and are encrypted using 168-bit 3DES encryption. A key is used to encrypt or decrypt sensitive data. You are notified when you check in packages that are not signed by McAfee. If you are confident of the content and validity of the package, continue with the check-in process. These packages are secured in the same manner described above, but are signed by ePolicy Orchestrator when they are checked in. Digital signatures guarantee that packages originated from McAfee or were checked in by you, and that they have not been tampered with or corrupted. The agent only trusts package files signed by ePolicy Orchestrator or McAfee. This protects your network from receiving packages from unsigned or untrusted sources. 188 McAfee® ePolicy Orchestrator® 4.6.0 Software Product Guide