My biggest complaint with the product continues to be the inconsistency of the "clusters".

1. One day it load balances, next day it doesn't. 
2. One day it runs like a horse, next day it is slow an sluggish.
3. One day malware checking is fast and amazing, next day it stops web site access.
4. One day host entry files work, next day it doesnt.
5. JAVA access to management is the WORSE of all!!!!  It loads ummmm  NEVER!  unless you flush it out from the applaince. 
   1. very tedious to do this when you have a global corporation and need to make an immediate change. 

I've had McAfee on site at our US\ UK locations and we continue to have problems with the appliance.  We've done everything possible to get this resolved and have done everything McAfee has asked us to do to fix.  But we fix one problem and we add 2 additional.  To think we chose this product over Cisco IronPort, Websense, etc. because we were confident it would be a resilient reliable product.   

Thanks for reporting these issues, Carlos.

I assume you have mentioned those to support or our consultants so we could have helped you?

thanks,

Michael

I completely sympathize with you.

1. As of today Dec. 21. 
2. We had no choice but to disable anti- malware globally due to time outs and inability to get to sites.
3. We also have had a hard time with web site redirects using nonstandard ports.  the appliance drops the connection or simply times out or no error msg just hangs
   1. e.g. if you go to amazon.com and you click a link and amazon redirects a site to use port 8160 or whatever instead of port 80 \ 8080\ 443 \ etc.
4. We had to disable "coaching” globally b\c device hangs on most sites you coach especially email.
5. We also had to WhiteList FTP on a consistent basis b\c the device cant distinguish FTP sites well.
6. MAC machines have extremely difficulties with this devices

Its an absolute embarrassment to be unable to log on to this appliance on a consistent basis due to JAVA. Very difficult to support end users when you need support yourself. I agree that Support is slow to respond and at many times no matter how many feedbacks or TCP Dumps you send - they still can’t seem to give you resolutions.

Carlos, Brad,

I again state that I am worried to see that you have so much undesirable situations with our product. As this is not reflecting the global experience we make, I'd like again to emphasize that my door is open via private message in this forum to contact me to get the product team involved, which I stated before and have not yet gotten any note about your issues. Furthermore I don't see any response on whether you have contacted support on these particular matters.

If any of you want to get me involved in your cases - again, please send me a private message in this forum and included your contact details, such as full name, company, email and phone. I am happy to be your advocat in our org and facilitate solving your problems. Latter one is my job anyway as Product Manager - solving market problems.

If you feel that this is not an option, please let me know as well and also what you think is an option.

Just mentioning issues will not solve them, so allow me to help you or at least to understand the full scope of issues.

thanks,

Michael

Here is the bugs I have found.

Does not work with Server 2008 R2 Windows Updates keeps prompting for Auth.

Does not work with Windows 7 Windows Updates keeps prompting for Auth.

I have no issues with XP or 2003.

Java Auth issues.

Thing is my network is a normal native server 2008 domain.  I am using NTLM auth which works great for normal web surfing.

Hello,

for NTLM and Win7/2008 I have found this while searching the web for your issue: http://blog.censornet.com/index.php?/archives/43-Windows-update-breaks-NTLM.html not saying that it is cause, but might be the case.

What are your Java issues?

thanks,

Michael

I ran into the authentication problem with Windows 7 and WG7 as well.  I put a simple authentication bypass rule in for the user agents specific to Windows Update.  Since, all is well.  If you'd like more detail on it, let me know.

Steve

I also had to put in an Auth Bypass rule for the Windows Updates.

At the Authenticate and Authorize rule set i have a Windows Updates Bypass Auth rule.

Rule Criteria

Header.Request.Get ("User-Agent") ((click the parameter to set User-Agent))

Matches in list

Created a list "User Agents for Windows Updates" then added a wildcard expression "Windows-Update-Agent"

Then added another Rule Criteria and linked with an OR

URL.Host

Matches in List

Created a list "Windows Updates" then added a wildcard expression for all the Windows Updates sites.

Here is what I used.

*windowsupdate.com*

*windowsupdate.microsoft.com*

w2ksp*.microsoft.com

*download.microsoft.com*

*update.microsoft.com*

Action is set to "Stop Rule Set"

Then to restrict access to who can run Windows Updates I added I added two rules to Category Content Filter.

Name: Allow Windows Updates for Domain Admins

Authentication.Attributes cantains "Domain Admins"

And

URL.Host matches in list "Windows Updates"

Action is Stop Rule Set

Name: Block Windows Updates for Domain Users

Authentication.Attributes cantains "Domain Users"

And

URL.Host matches in list "Windows Updates"

Action is Block

Setting is URL Block.

Make sure Domain Admins rule is above the Domain Users Rule.