cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
vnaidu
Level 9
Report Inappropriate Content
Message 1 of 6

ENS Migration for Access Protection Policy

Jump to solution

Can you suggest,

I am migrating the VSE policies to ENS. I have taken Access Protection, but it comes along with Buffer overflow, IPS rules,  IPS protection and IPS options.

The question is if it is mandate to select all the 4 policies and migrate them or simply I can select Access Protection and selet none for the remaining policies?

Please suggest me what happens if I go with this option, or is it recommended to select all the policies and go for migration. What will happen if I only migrate Access Protection alone. I think may be if I try to migrate IPS rules, I will have to select none for Access Protection during that time. I am confused please suggest me what options of Access Protection rule will be merged with ENS policies, I have read the document, but still it makes me unclear.

I would wait for your suggestions or advise.

 

 

 

Venu
2 Solutions

Accepted Solutions
McAfee Employee tzemva
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: ENS Migration for Access Protection Policy

Jump to solution

Hi @vnaidu

Endpoint Security 10.6.x Migration Guide (ePO managed) - PD27567

- Every Policy Migration you execute will generate a new ENS policy. If you want to have all your VSE and HIPS settings in one ENS policy you need to select all source policies you want them to be joined in ENS equivalent.

ENS-policy-mapping.jpg

McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: ENS Migration for Access Protection Policy

Jump to solution

@vnaidu I personally recommend walking through the manual migration wizard regardless as it helps you to get more aquainted with the way ENS policies are structured. When you do the manual migration it will still do the mapping for you and take the VSE settings and merge it into the ENS format and policies. However, you can choose to automatically migrate the majority and then manually migrate just AP. 

However, please be aware that AP VSE does map a few configuration settings into the ENS Common Options policy. As such, you may need to then review what was added there to combine the settings there with the auto-migrated Common Options policy settings.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

5 Replies
McAfee Employee tzemva
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: ENS Migration for Access Protection Policy

Jump to solution

Hi @vnaidu

Endpoint Security 10.6.x Migration Guide (ePO managed) - PD27567

- Every Policy Migration you execute will generate a new ENS policy. If you want to have all your VSE and HIPS settings in one ENS policy you need to select all source policies you want them to be joined in ENS equivalent.

ENS-policy-mapping.jpg

vnaidu
Level 9
Report Inappropriate Content
Message 3 of 6

Re: ENS Migration for Access Protection Policy

Jump to solution

I already have this read PD27567, however there are multiple questions, doubts that rolls while I start the migration.

One of my colleague started to migrate only Access Protection Policiy rather selecting HIPS etc, if he does that way what is the success criteria, are there any issues doing that way. Please give me your thoughts/advise the best way to start off with. Because my environment is very complex and have to start off with a clear idea.

Migrating VSE policy one by one alone would be time consuming and I am not certin if that helps in completing the migration without any issues.

Venu
McAfee Employee tzemva
McAfee Employee
Report Inappropriate Content
Message 4 of 6

Re: ENS Migration for Access Protection Policy

Jump to solution

Hi @vnaidu

I agree with you that manual migration would be very time consuming. Only benefit I see it that during the process you can review existing settings, configuration and remove old, no longer needed bits.

So I would suggest using automatic migration as this will get you closest to your existing state. That is then a good starting position and you can start testing. The test results will then show any issues with configuration.

vnaidu
Level 9
Report Inappropriate Content
Message 5 of 6

Re: ENS Migration for Access Protection Policy

Jump to solution

@tzemva

Thank you for the reply, I have read that if the numbers are 250 or more, manual migration is recommended, how about this point?

Is it suggested to migrate Access Protection alone by selecting none for remaining policies vice versa. would I still get the same settings and would it merge with ENS settings?

 

Regards,

Venu
McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: ENS Migration for Access Protection Policy

Jump to solution

@vnaidu I personally recommend walking through the manual migration wizard regardless as it helps you to get more aquainted with the way ENS policies are structured. When you do the manual migration it will still do the mapping for you and take the VSE settings and merge it into the ENS format and policies. However, you can choose to automatically migrate the majority and then manually migrate just AP. 

However, please be aware that AP VSE does map a few configuration settings into the ENS Common Options policy. As such, you may need to then review what was added there to combine the settings there with the auto-migrated Common Options policy settings.

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?