cancel
Showing results for 
Search instead for 
Did you mean: 
bob325
Not applicable
Report Inappropriate Content
Message 1 of 4

SolidCore 6.1.3// VASR_VIOLATION_DETECTED exclusions

Hi  team

I have  an internal  application  blocked  by  application  control as  "VASR_VIOLATION_DETECTED" events.

I have  created  Defined  by  pass  rule  below  but  I still  have  the  same  issue .

Please  see  below  the  event generated  and  defined  bypass  rule  created

EVENTS.png

Policy  created

Policy  Discovery  is  not available  on  my  epo  console  any  suggestion?POLICY1.png

Menu | Application Control | Policy Discovery to open the Policy Discovery

Any  help  will be  helpful  for  me.

Thanks 

Bob

.

3 Replies
vaidyanathan
Not applicable
Report Inappropriate Content
Message 2 of 4

Re: SolidCore 6.1.3// VASR_VIOLATION_DETECTED exclusions

Hi,

Have  you got host intrusion prevention agent installed on that system?

As per application control best practice document, if you have HIPS installed on a system, it is safe to disable memory protection in App Ctrl.

Thanks

Highlighted
bob325
Not applicable
Report Inappropriate Content
Message 3 of 4

Re: SolidCore 6.1.3// VASR_VIOLATION_DETECTED exclusions

Hi ,

HIPS is  not  installed  on  the  machine

Thanks


neelima
Not applicable
Report Inappropriate Content
Message 4 of 4

Re: SolidCore 6.1.3// VASR_VIOLATION_DETECTED exclusions

Bob,

Please check if the Policy got applied on the endpoint. Also the policy will be applicable for the next run of the application(which I dont think is the issue here).

If you still dont see success, please file a case with support.

Thanks,

McAfee ePO Support Center Plug-in
Check out the new McAfee ePO Support Center. Simply access the ePO Software Manager and follow the instructions in the Product Guide for the most commonly used utilities, top known issues announcements, search the knowledgebase for product documentation, and server status and statistics – all from within ePO.