I have a problem on one of my ePO Servers. The server is running ePO 3.6 (*) and HIPS 7.0. (Not sure whether this post should be in the ePO Threads or here...)
I recently modified two HIPS/Firewall rules and added specific rules for a program. The Program was identified by path (no fingerprint). Thing is the "path" actually only contained the program name, so I updated it to hold the entire path. After I did this, the rule became "uneditable". Whenever I open this rule, I get some unidentified IE script error and a blank screen.
So now I can't edit those two rules. I tried duplicating the rules to midiy them, it didn't work.
Anyone has an idea about this problem ?
(*) I know ePO 3.6 is old, I'm trying to update all old DFW 8.x users to HIPS so I can upgrade the server.
You didn't inadvertently update Java on that server, did you?
I had a similar issue with the Trusted Networks policy after Java was updated on the server. It was fantastic; after adding a new network and clicking save it completely wiped the policy and made it uneditable. That brought a couple thousand machines to their knees pretty quickly.
Thanks, in the end, it wasn't Java... I suspect it was a DB error somewhere(*).
The only workaround I found was to rewrite all those rules... Had to use a laptop to see what the rules actually were as I couldn't even view the rules on the server... Then rewrote new rules copying the old ones. Luckily I only had about 20 different rulesets.
I managed to also merge a few special cases so as to have less different rulesets. And I did learn a bit about HIPS in the process (also found some weird things, see other thread on localhost handling).
Problem solved, somehow (**). Serge
(*) I had "DB Full" messages on this server, so I purged and cleaned the evenst from the DB.
(**) I'd opened a case with McAfee support about this. After three days, they just closed the case and considered it solved, even though they never provided any solution :mad: