cancel
Showing results for 
Search instead for 
Did you mean: 
schroe2k
Level 7

Access Protection

Hi Community, this is my first Post/Question

I use ENS 10.5.2 with Agent 5.0.5 and configured from EPO- Server.

I Need to allow some .VBS scripts from the **/Windows/temp/*.vps Folder but the Rule "ACCESS PROTECTION 24h -> Executing scripts by Windows script host (CScript.exe or Wscript.exe) from common user folders " is blocking it, even though i wrote an Exception for it in the Rule itself.

to Keep it simple i excluded **Windows\Temp\*.vbs in the Rule but .vbs Scripts Keep getting blocked.

i do not know what is wrong and my config. it does not matter if i address the single file or if i allow all *.vbs in **/temp/*.vbs  Folders. they get blocked anyway.

Maybe you can see what i am doing wrong.

Thank you very much in advance,

Schroe2k

0 Kudos
2 Replies
DavHio
Level 9

Re: Access Protection

Hi,

Im checking my Access Protection and wonder what you added in "Exclusions" for this files to be excluded?

In my case, MSIEXEC.EXE have the following settings:

0 Kudos
frank_enser
Level 12

Re: Access Protection

Hi,

this rule is McAfee defined and you cannot exclude target paths/files. But you can recreate this rule: just create a new rule, add the cscript, wscript, ... executables under "Ausführbare Dateien" and add the TEMP folders under "Untergeordnete Regeln"/"Ziele" but add a "Ziel" with **\Windows\Temp\*.vbs and "Einschlussstatus" is "Ausschließen".

Regards,

Frank

0 Kudos