cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ezim
Level 9
Report Inappropriate Content
Message 1 of 4

ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution

We are seeing issues with the ENS 10.6.1 Firewall since we upgraded to the Feb 2020 (10.6.1.1447).

The wrong rules are getting matched.

Additionally, we are also having problems with not seeing all events being recorded in the FirewallEventMonitor.log file when NIPS is switched on.

 

Does anyone else see these issues?

1 Solution

Accepted Solutions
ezim
Level 9
Report Inappropriate Content
Message 4 of 4

Re: ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution
3 Replies
Rfranci
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution

Hi,

That’s strange, how the wrong rules are getting triggered!

It would be great if you can let us know the below details:

  • Was there any changes in the policy ?
  • What is the previous ENS version that you were using ?
  • How many machines have been impacted at the moment?
  • Was all the components of ENS including platform updated to latest version of 10.6.1?
  • What was the rule that was triggered wrong and what is the expected behavior of that rule?

 

Thank you,

ezim
Level 9
Report Inappropriate Content
Message 3 of 4

Re: ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution

Hello @Rfranci,

- There were no changes to the policy, the only change was the upgrade to the ENS Feb 2020 version

- The previous version is ENS Dec 2019

- All machines that had upgraded to the Feb 2020 version were impacted at the time

- All components were updated (Platform, Threat Prevention, Firewall, Web Control)

- The matched rule was "Allow McAfee signed applications"

I've raised a SR, but I haven't had an answer to what is causing the issue yet. It's most frustrating. I did find that the rule isn't parsed correctly on the Endpoint. And as able to find a work-round myself which I implemented and detail in the SR.

Thank you for your assistance.

ezim
Level 9
Report Inappropriate Content
Message 4 of 4

Re: ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community