cancel
Showing results for 
Search instead for 
Did you mean: 

Policy Assignment Rules - Not Working

Jump to solution

I have a global policy applied to my organization, but have specific policies that are applied via Policy Assignment rules depending on the system tag.

 

In this case I am specifically applying an exclusion policy for both ATP and Threat Prevention. In both cases, the policy that is applied via the Policy Assignment rules appears to not be applying to the tagged systems. When I look at hte consoles of the systems, the exclusions that are supposed to be applied by the Policy Assignment rule is not on the system. What's my issue?

1 Solution

Accepted Solutions

Re: Policy Assignment Rules - Not Working

Jump to solution

@jess_arman

 

Thanks for the reply. Everything in my policy configuration seemed to be normal. Just for some reason this rule wasn't being applied. I created a new rule with the same policies attached and that one appears to apply as planned. I just deleted the other rule, but I think I'm back to good now. Thanks again.

 

2 Replies
McAfee Employee jess_arman
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: Policy Assignment Rules - Not Working

Jump to solution

@McAfeeTom In order to be sure, I would need to review the configuration of your assignment rule, confirm the tagging of the endpoints, System Tree sorting/tag allowances, as well as ensuring that the policy enforcement is healthy. This is most easily done via a quick remote session with Support. As such, you may find that you'll get the most efficient assistance with this by opening a case.

However, I may still be able to help if you can give me some qualifying details:
Once you've applied the tag, have you confirmed in the policy assigment tab of ePO that it is or isn't showing as applied? 
If it is, have you confirmed that the McAfee Agent is correctly enforcing policies to the endpoint in general? (This can be tested just by making a change in the regular policy and confirming the change is reflected on the endpoint, or by selecting the system in the System Tree >> Actions >> Directory Management >> View Assigned Policies >> Checking the "status" column to see if it says applied)
If it isn't, then have you double checked the criteria of your policy assignment rule to ensure that it is being told what systems should receive this properly, or ensured that something within the group settings in the system tree where the systems fall doesn't have some sorting restriction that is preventing them from getting the tag?

 

Was my reply helpful?

If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Re: Policy Assignment Rules - Not Working

Jump to solution

@jess_arman

 

Thanks for the reply. Everything in my policy configuration seemed to be normal. Just for some reason this rule wasn't being applied. I created a new rule with the same policies attached and that one appears to apply as planned. I just deleted the other rule, but I think I'm back to good now. Thanks again.

 

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator