cancel
Showing results for 
Search instead for 
Did you mean: 

Allowing SCCM through McAfee ENS, help.

So im trying to get SCCM and its Agent to work through McAfee ENS Firewall, as of now i know it blocks deployment and repair of the agent.

ive been looking at what MS says needed for it to functino and its quite a lot ... 

https://msdn.microsoft.com/en-gb/library/mt629397.aspx

https://support.microsoft.com/en-us/help/327453/recommended-antivirus-exclusions-for-configuration-m...

https://social.technet.microsoft.com/Forums/en-US/753bddc0-0147-4b9a-901c-94e55d024850/sccm-2012-ant...

There seems to be no way to mass add the listed items from links above rather then doing it slowly and painfully one by one.... 

Anyone have a quicker way off adding all of the stiff in the links to ePo ?

3 Replies
McAfee Employee johma
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Allowing SCCM through McAfee ENS, help.

HI, 

You will need to build the policy including the required information.  Once the policy is created, then ePO will be able to distribute it to all qualifying nodes. 

However, there is no "import" function to scrape the data from the webpage. 

In most cases, webpages hold multiple configurations for varying versions of prducts and it would not be good to just do a blanket import even if the information was specific to one environment/version type. 

Generally, the Microsoft methodology is to exclude everything and in some cases where not all features would be used, maybe some exclusions can be dropped all together, if not at least reviewed and refined to narrow the risk. 

 




Was my reply helpful?


If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Re: Allowing SCCM through McAfee ENS, help.

What i mean is that there is no way to add it all on a single page,
the way ePo UI is you have to go to Policy Catalog > Endpoint Security Firewall  > Edit Policy > "Add rule

in here you have to pick Transport protocol, click "add"  give name,

Click "New" give name and Path. click "ok"

and when you have 50+ things to enter this is very repetetive.

Id like to feed it with either a CSV file with  Protocol, port, exe, path.

or
it should give a UI where you can enter multiple things in one go on one page and not clikc "Save/ add" 100 times

McAfee Employee ktankink
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Allowing SCCM through McAfee ENS, help.

Id like to feed it with either a CSV file with  Protocol, port, exe, path.

or
it should give a UI where you can enter multiple things in one go on one page and not clikc "Save/ add" 100 times

You'll need to submit an IDEA (KB60021) to request product functionality for a future version.  ENS Firewall does not currently have this functionality.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator