cancel
Showing results for 
Search instead for 
Did you mean: 

McAfee ENS - Solution to protect McAfee ENS Security Settings

Hi,

I’m working on the McAfee ENS Security policies.

I wish to prevent a “Non Admin” User to change McAfee ENS settings on his computer.

I know that it is possible to lock the McAfee ENS Console with a password (Endpoint Security Common Policy). We intend to apply this type of policy on our pool of PCs.

But is it possible to prevent access to McAfee ENS Settings with a Windows UAC Rule (Like McAfee VirusScan) ?

For example : Non Admin User can open the VSE Console but can’t change any Security settings (all greyed out).

Information on my Test Environment :

W10 Laptop with McAfee ENS 10.6 (+ DLP 11)

-          McAfee ENS platform 10.6.0.542

-          McAfee ENS Firewall 10.6.0.348

-          McAfee ENS Threat Prevention 10.6.0.672

-          McAfee DLP 11.0.500.582

Best Regards,

Thomas

 

 

-          McAfee ePO Agent 5.5.1.342

1 Reply
McAfee Employee sbenedix
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: McAfee ENS - Solution to protect McAfee ENS Security Settings

Hi there Thomas,

 

nope, UAC has no handle on the ENS console per se (the process for the ENS console is "known" to Windows, its signed etc.). That being said, you may have some flexibility on the UAC settings side (possibly through GPO) to excert some kind of monitoring with UAC over this process. I have never dug into the "UAC backend" so far as there has never been a need to leverage UAC, utilising the password lock for all cases proved to be useful/sufficient to prevent access.

 

Hth.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator