cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
nkos
Level 7
Report Inappropriate Content
Message 1 of 9

OAS policy does not get applied to the machine

Hello,

 

I am facing a problem with OAS exclusion list. The OAS policy with exclusion list that i specified on cloud ePO is not reflected on my linux machine. The agent version is 5.6.1 and Endpoint Security for Linux Threat Prevention version is 10.6.4. Did anyone ever have this problem before? and how to resolve this?

Thank you

8 Replies
patrakshar
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 9

Re: OAS policy does not get applied to the machine

@nkos 

Are you seeing updated communication time from the Linux box in your System Tree?

As long as Extensions are up to date policy enforcement should not be problem. Can you please share the information what exclusion you have in EPO and what reflected locally?

nkos
Level 7
Report Inappropriate Content
Message 3 of 9

Re: OAS policy does not get applied to the machine

@patrakshar 

Yes, the communication time is updated. below are the screenshots of exclusion list from my EPO and linux machine.

 Screen Shot 2019-09-26 at 9.32.49 AM.png

Screen Shot 2019-09-26 at 9.31.41 AM (1).png

patrakshar
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 9

Re: OAS policy does not get applied to the machine

Interesting. We would need to look at the configuration and logs once to take it further. Nothing conclusive I can say but there is known issue Issue where  Policy enforcement from ePO fails after restarting McAfee Agent 5.6.0. This has been found with 10.6.0 version. In case you are using the same version of ENSLTP and Agent then thats where we should start looking into. Otherwise I will need to look at the ENSLTP and MA debug log. Would suggest to open a SR with support so that we can investigate it further.

nkos
Level 7
Report Inappropriate Content
Message 5 of 9

Re: OAS policy does not get applied to the machine

I already have a SR open with support. Hopefully they can figure out and help me resolving this issue. Thanks!
A1468282
Level 7
Report Inappropriate Content
Message 6 of 9

Re: OAS policy does not get applied to the machine

Hello,

Was there a solution to this? Our organization has also been going through this issue, since roughly around the same time.

 

Regards,

Akshata Surve

Former Member
Not applicable
Report Inappropriate Content
Message 7 of 9

Re: OAS policy does not get applied to the machine

Hi @A1468282 

There can be many reasons a policy isn't being applied so a general solution recommendation is hard in this situation.

A few things to check:

* Does the issue persist if you assign all "McAfee Default" policies for ENS to the client?

* Does the policy status within ePO say "enforcing"?

* When you press "Check for new policies" on the Agent Status Monitor, do you see an entry for ENDP_AM? 

A1468282
Level 7
Report Inappropriate Content
Message 8 of 9

Re: OAS policy does not get applied to the machine

Hello,

Below are the answers

* Does the issue persist if you assign all "McAfee Default" policies for ENS to the client?

No, since McAfee default policies do not have any exclusions it states the same on the server.

But as soon as I duplicate a policy from McAfee default policy or for the matter even create a new fresh one. 84 -85 exclusions can be seen again from the old policy.

And yes it shows 84-85 exclusions always, not more not less.

 

* Does the policy status within ePO say "enforcing"?

Yes it says "enforcing"

 

* When you press "Check for new policies" on the Agent Status Monitor, do you see an entry for ENDP_AM? 

This is on a linux machine so no i cant open agent status monitor

 
It seems like a product issue because on the servers where we are using  MA 5.0.6.220 and ENS 10.5.3. We can see all exclusions updating properly.
 
 
Regards,
Akshata Surve
Former Member
Not applicable
Report Inappropriate Content
Message 9 of 9

Re: OAS policy does not get applied to the machine

Hi @A1468282 

Unfortunately is sounds like your policy may be corrupt. And I'm sorry to say that there is no way of repairing it except for manually by duplicating the McAfee Default policy and adding all your settings back.

However you mention on systems using  MA 5.0.6.220 and ENS 10.5.3 you don't see the issue - which version of the products are the systems seeing the issue using? And if they are higher, have you checked that your extensions match that higher version?

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community