We are running ePO version 5.3.2 and VSE version 126.96.36.1992.
The problem I am having with ALL hosts is when I add an exception for the VSE Access Protection Policy it is not taking.
For example, I am trying to add an executable to the AntiSpyware Max Protection Prevent all Programs from Running Files from the Temp Folder. It should be fairly strait forward, add the executable to the Processes to exclude. I will do that, wake up the host, even wake up the host from the host itself, and it will still get blocked.
We have another policy that is applied with a PAR normally that turns Access Protection off. I will see the policy as "applied" to a host, it will be configured properly to turn off VSE, but the host will still recieve Access Protection blocks for whatever app they are trying to run.
Any ideas? I think this points to an issue on the ePO end right? Maybe a corrupt policy on the server itself?
Could be a corrupt policy or potentially an interefing PAR. Could also be due to too many exclusions being present in your AP rules.
Try duplicating the McAfee Default AP policy, making your ONE amendment to it and assigning it. Does it reflect properly?
If no, I'd try to setting all VSE policies to McAfee Default and then assign just your intended AP policy. Is that ok? If yes, assign one by one the policies. You'll probably find one that is corrupt and causing havoc on the other policies.
I haven't had a chance to check with @Former Member suggested yet with everyone being on Holiday break but I will. Thanks for the other input. I do know about the dropdown and such. I am thinking corrupt is closest to the right answer. I will keep you all posted!
To go along with @Former Member suggestions, there is one key item for VSE policies that is typically different from all other products. When drilling down into the policy, you will see a drop-down menu towards the top left of the policy window, with an option for "workstations," and an option for "servers." This represents server-class operating systems, versus typical desktop installations. If we are trying to apply this policy to all servers, make sure that the drop-down is selected for "servers." This allows for different policy configuration for systems that are desktops versus servers, using the same policy. Tends to be commonly overlooked and easy to miss.
Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?