I do not wish to allow all outgoing connections, ever. Yet Endpoint Firewall seems to find every opportunity to re-create that rule when it is deleted or reactivate it when it is disabled. No matter what I do the rule will eventually come back. Why are defaults being restored? If I want to restore defaults, I will click the button that says "Reset to defaults".
Why are defaults being restored?
Hi @j_mo , is your system being managed by the McAfee Agent and ePO server? If so, the policy set from the ePO server will be re-enforced frequently (based on your management server configuration).
Which ENS Firewall rule are you referring to that is being disabled/re-enabled?
I don't have any group policies or anything. I'm just using the Endpoint Security my school provides on a personal laptop. The rule that continues to return is Allow all outgoing connections under the default rules. I delete it, and it returns after some time. If I create a rule in the User rules section for blocking unmatched outgoing connections, then it takes priority over the default connections that are still enabled, so this is not desirable either.
This is likely because your system is managed by ePO. The policy enforcement performed by the agent will re-enforce any rules your admin has set via ePO. You would need to contact them to either create a special rule set for you or for them to change it in general.
Your admin will also have an option to enable to retain user-added rules.