We have McAfee 5.0.0 Patch 6 Saas installed on a windows server 2008 service pack 2 systems. We have essentially discovered the firewall does nothing.
The firewall is configured by administrator through the web interface. It is set to On and Protect. Custom firewall settings are used that should only allow incoming remote desktop connections from specific IP addresses. In addition blocked events should be reported. This is what we have experienced for over 3 months now.
1) System reports firewall is working with no issues.
2) No inbound connections are blocked. Users can remote in from anywhere even though it is set to specific IP addresses.
3) No events are ever reported as blocked. We have tested this with simulated incoming traffic.
4) No applications are blocked going outbound. A bar appears on the bottom of the screen saying the application was blocked and to contact the administrator, but the application gets through to the internet anyway.
We have spent much time with email support and phone support. We have yet to encounter a support individual who understood the problem. The only solution they suggested was to set up a new policy thinking that it somehow got corrupt. In addition McAfee has stated that certain applications could not be blocked. But they are unable to tell us which applications are allowed to access the internet even when blocked. An unknown list of holes is a security risk to us. I have just about given up, and this is my final attempt to find a solution before beginning a transition for our business to another product. I suspect this product just doesn't work on server OS even though it is advertised as compatible.
Thanks for any help.
I have read your post.
Please be informed that McAfee Firewall is not compatible with Windows 2008 Server operating systems.
Please open the webpage http://kc.mcafee.com and in the search bar type in the kb article number KB60533 and hit enter.
You shall get a list of Operating Systems in which the McAfee 5.0 and the new upgraded 5.2 version of the McAfee software is compatible.
Please go through them for clarification.
Thanks for the reply. I have seen the article KB60533. The article says exactly the opposite of what you say it does. It specifically says that 5.0 is compatible with Microsoft Windows 2008 Server 32-bit (Standard, Enterprise, Small Business) (Service Pack 2), and the table specifically says 'yes' the firewall is compatible.
Please refer to the correct table for your version.
I have no idea what table you are referencing. There are two tables on the page, one for 5.0 and one for 5.2 and they both say they support it. Please clarify where you see this. Note that during sales they confirmed that it was compatible, and when pursuing this issue with traditional support they said it should work as well.
Copy of portion of table.
Microsoft Operating System (Service Pack)
Total Protection 5.0
URL installation with
Microsoft Windows 2008 Server 32-bit (Standard, Enterprise, Small Business)
Do you realize there is a difference between Windows 2008 Service Pack 2 and Windows 2008 R2
2008 Service Pack 2 = Vista in server form
2008 R2 = Win 7 in server form
Apologies if i'm stating the obvious but i can't quite discern your 'technical ability' from the postings.
Apologies for the confusion.
I have double checked product information and version 5.0 does support Microsoft Windows 2008 Server 32-bit from the base version (even though this is in fact marked SP1).
Supposing that you have the Windows Server 2008 32 bit and NOT the Windows Server 2008 R2. ( If it is the latter, TPS does not support it. No matter what version of the software it is).
Have you tried uninstalling and reinstalling the firewall component ?
Have you checked in the policies tab if the firewall is set to be configured by the Administrator or the user ?
Have you also enabled the reporting ability for all the blocked connections ?