We are beginning to test Mcafee HIP deployed through ePo 4.0 and have found that as soon as we deploy the software with the default policies, we are no longer able to connect to the computer through remote desktop. I tried to add an allow rule for TCP port 3389 but that didn't work. Is there something easy that I am missing?
Try using the adaptive rules to capture user-created or user-approved rules from your users. (You will obviously evaluate these rule before they are added to the policy)
When the users check back into the ePO server, you can view their newly created rules and add the ones that are for business use.
This procedure works well when building an "Enterprise/Standard" set of rules for business.
Later down the road when a user has trouble with HIPS blocking some business function.. I move their machine into the adaptive policy and refresh their client.. Then after they repeat the process - They later will connect to the network and their rules are uploaded to the server. There I will review the rule and make the appropriate changes to the corporate firewall policy and move them back into the enforce mode.