Unable to find machines in McAfee ePO 4.5

Introduction
When you want to add managed system from a workgroup or domain you cannot locate anything when you click on browse button.

Solutions
On your windows computer (win7 or winxp) which join workgroup or domain, on their windows firewall allow file and printer sharing for winxp and allow inbound connection for smb on windows 7, for my case my windows 7 enterprise allow inbound connection to domain.
firewall1

Windows XP firewall

Windows XP firewall

On your ePO server open services.msc and enable Computer browser service on Windows 7 and Windows XP.
computer browser service

Risk
The discovery of the computers in domain and workgroup uses smb ports which are TCP 135,139, 445 these have known vulnerabilities which can be exploited especially on Windows XP (regardless of which service pack the famous exploit is netapi exploit), it is recommended application whitelisting such as Bit9 or McAfee Application Control or even Windows App locker to whitelist the existing programs so that exploits even if downloaded inadvertently cannot be executed.

Advertisements
This entry was posted in Security and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s