cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

ENS Manual Migration Question

Jump to solution

Dear All,

I need your views and suggestions and kinda formula which I would need to approach. I am to perform a migration task. Here goes the details.

1. More than 60K nodes with VSE and HIPS.

2. VSE OAS high low risk along with Default process exclusion policies are 100's in numbers.

3. VSE Access Protection user defined rules created in x,y,z policies are about 80's.

4. Same applies to IPS, Firewall, etc.

My requirement is to minimize the policies rather having multiple. I need your suggestion as to how I proceed, is there a possibility to merge the policies? If so how?

In Addition, what I have done was for example. I have taken OAS Default Process policies where the policies are 10's in numbers, I just compared all the ten policies with one policy and derived all the exclusions for process, file and folders etc and created a list of them, where that should be added in the base policy so that all the exclusions and file folder list can be consolidated and the policy would become standard rather than having customized. Please tell me if this is a good approach?

 

I look forward your reply.

Regards,

Venu

 

Venu
1 Solution

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 3

Re: ENS Manual Migration Question

Jump to solution

Dear Venu

You may find that merging your policies is not in your best intrest. We recommend creating seperate policies for systems with specific purposes i.e. an SQL server would need different exclusions than an Exchange server. If you merge these and apply the exclusions across your entire estate you may be risking your security as you are now excluding items on systems which aren't needed to fulfill the server's purpose.

Further having large policies containing many exclusions can have a negative effect on your performance. Every action on your system needs to be scanned by our scanner. Even if the item is excluded, we will still need to touch the file/ process and cross reference it with your exclusion list - if that list contains 100+ items, it will take the scanner longer than if that list is kept small.

We don't have a merge tool. If you wish to combine your policies, it would be best practice to go through the list and ensure you add the exclusions you need in your environment and also check for duplicates. You can submit the creation of such a tool as an idea to our Ideas Forum: https://kc.mcafee.com/corporate/index?page=content&id=KB60021

 

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

View solution in original post

2 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: ENS Manual Migration Question

Jump to solution

Hi @vnaidu

I recommend going through:

Endpoint Security 10.6.0 Migration Guide (ePO managed)
Product Documentation ID: PD27567

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 3

Re: ENS Manual Migration Question

Jump to solution

Dear Venu

You may find that merging your policies is not in your best intrest. We recommend creating seperate policies for systems with specific purposes i.e. an SQL server would need different exclusions than an Exchange server. If you merge these and apply the exclusions across your entire estate you may be risking your security as you are now excluding items on systems which aren't needed to fulfill the server's purpose.

Further having large policies containing many exclusions can have a negative effect on your performance. Every action on your system needs to be scanned by our scanner. Even if the item is excluded, we will still need to touch the file/ process and cross reference it with your exclusion list - if that list contains 100+ items, it will take the scanner longer than if that list is kept small.

We don't have a merge tool. If you wish to combine your policies, it would be best practice to go through the list and ensure you add the exclusions you need in your environment and also check for duplicates. You can submit the creation of such a tool as an idea to our Ideas Forum: https://kc.mcafee.com/corporate/index?page=content&id=KB60021

 

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

View solution in original post

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community