Long sotry short, I'm not the only one that touches our ePO console. I've noticed many events showing up for a McAfee hips rule that should not be showing up. These events include Files and Executables that have been whitelisted in an exception rule I made for this McAfee rule.
How do I go about ensuring it is on/enabled and also applied to the endpoints? I need to rule this out before I call the events showing up a bigger issuse.
Thank greatscott. What ended up being the issue is that exception rules "AND" executables and files (under parameters) together. I needed to split it up into two exception rules for one McAfee rule. One exception rule for the executables, and one for the files.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.