馃摉
Trellix ePolicy Orchestrator - On-prem 5.1
  • INTRODUCTION
    • 馃憢Introduction
  • PRODUCT OVERVIEW
    • Module Intro
    • ePO Overview
      • Security Management Framework
      • How it Works
      • Basic Product Components
      • Communications: Tomcat Service
      • Communications: Security Keys
      • ePO Console
    • Trellix Agent Overview
      • Product Overview
      • Key Features
      • Services
    • ePO Resources
    • Module Summary
  • INSTALLATION AND UPGRADE
    • Module Intro
    • Installation and Upgrade
    • Pre-Installation Auditor Tool
    • Post-Installation Tasks
    • Upgrade
    • Module Summary
  • SERVER CONFIGURATION
    • Module Intro
    • ePServer Configuration
    • System Tree
    • Tag Management
    • Module Summary
  • PRODUCT MANAGEMENT
    • Module Intro
    • Software Catalog
    • Extension and Package Management
    • Product Deployment
    • Client Task Management
    • Creating a Custom Properties Client Task Simulation
    • Module Summary
  • POLICY MANAGEMENT
    • Module Intro
    • Policies Overview
    • Duplicating and Editing a Policy Simulation
    • Module Summary
  • USER MANAGEMENT
    • Module Intro
    • User Accounts
    • Permission Sets
    • Contacts
    • Creating a New Permission Set Simulation
    • Module Summary
  • DASHBOERDS, QUERIES, REPORTS
    • Module Intro
    • ePO Dashboards
    • Queries and Reports
    • Reports
    • Creating a New Dashboard Simulation
    • Building a Report Simulation
    • Module Summary
  • DISASTER RECOVERY
    • Module Intro
    • Disaster Recovery Overview
    • Running a Disaster Recovery Snapshot Simulation
    • Module Summary
  • TROUBLESHOOTINGS BASICS
    • Module Intro
    • Troubleshooting using Log Files
    • Troubleshooting Tools
    • Module Summary
  • Summary
    • Course Summary
Powered by GitBook
On this page
  1. PRODUCT OVERVIEW
  2. Trellix Agent Overview

Product Overview

PreviousTrellix Agent OverviewNextKey Features

Last updated 1 year ago

The Trellix Agent is the client-side component of ePO. You must install it on each system in your network that you want ePO to manage.

Key functions:

路 Provides a secure communication channel to ePO and local services for other point-products

路 Includes an updater component that uses the Sitelist.XML file (list of available repositories) to find and download client or endpoint product updates; it can retrieve files from Hypertext Transfer Protocol (HTTP) sites, File Transfer Protocol (FTP) sites, Universal Naming Convention (UNC) shares, and ePO repositories. The order of sites in the site list controls the site chosen to do downloads. The updater attempts to get files from sites at the top of the list first. If it cannot get the files from the first site (perhaps because the site is down or the files it wants aren't there or are corrupted), it goes to the next one in order, and so on.

In addition to providing a secure communication channel, the Agent provides local services to managed Trellix products and to products developed by Trellix Security Innovation Alliance partners. While running silently in the background, the Agent:

路 Gathers information and events from managed systems and sends them to the ePO server.

路 Installs products and their upgrades on managed systems.

路 Enforces policies and schedules tasks on managed systems.

路 Updates security content, such as the DAT files associated with Endpoint Security or Host Intrusion Prevention.

The Agent uses Hypertext Transfer Protocol (HTTP) over an IP connection to communicate and uses TCP Port 80 or 443 by default, except for Agent Wakeup calls. Agent Wakeup calls use Transmission Control Protocol (TCP) Port 8081. Except for wakeup calls, the Agent initiates all communication between the ePO server and client. This communication is called the Agent-to-Server-Communication-Interval (ASCI).