I was at a client site today and while deploying the forefront agent remotely to an Exchange 2010 mailbox server from Forefront Protection Server Management Console (FPSMC), the job failed with the error given below.
Failed to deploy the Agent.
Could not connect to net.tcp://server fqdn:8815/DeploymentAgent. The connection attempt lasted for a time span of 00:00:21.0470097. TCP error code 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond server ip:8815.
The issue was that the required ports (8815 & 8816) for installing FPE remotely was blocked by the firewall. As soon as those ports were opened on the windows firewall (on 2010 server), the agent installed successfully.