Product Overview
Last updated
Last updated
The Trellix Agent is the client-side component of ePO. You must install it on each system in your network that you want ePO to manage.
Key functions:
路 Provides a secure communication channel to ePO and local services for other point-products
路 Includes an updater component that uses the Sitelist.XML file (list of available repositories) to find and download client or endpoint product updates; it can retrieve files from Hypertext Transfer Protocol (HTTP) sites, File Transfer Protocol (FTP) sites, Universal Naming Convention (UNC) shares, and ePO repositories. The order of sites in the site list controls the site chosen to do downloads. The updater attempts to get files from sites at the top of the list first. If it cannot get the files from the first site (perhaps because the site is down or the files it wants aren't there or are corrupted), it goes to the next one in order, and so on.
In addition to providing a secure communication channel, the Agent provides local services to managed Trellix products and to products developed by Trellix Security Innovation Alliance partners. While running silently in the background, the Agent:
路 Gathers information and events from managed systems and sends them to the ePO server.
路 Installs products and their upgrades on managed systems.
路 Enforces policies and schedules tasks on managed systems.
路 Updates security content, such as the DAT files associated with Endpoint Security or Host Intrusion Prevention.
The Agent uses Hypertext Transfer Protocol (HTTP) over an IP connection to communicate and uses TCP Port 80 or 443 by default, except for Agent Wakeup calls. Agent Wakeup calls use Transmission Control Protocol (TCP) Port 8081. Except for wakeup calls, the Agent initiates all communication between the ePO server and client. This communication is called the Agent-to-Server-Communication-Interval (ASCI).