what can cause the Problem?? hmmmm..... Let me summarise:
Is the MePO Extension visible under the EPO extensions?
Yes it is visible under ePO Extension. My TIE Serve and extension that 1.0.1 version. So i will upgrade to 1.1 version to see that work or not?
Yes try this,
i think anything is right in your configuration. I cannot identify any wrong configuration.
Let´s see what happens with TIE 1.1 version.
The problems gone with upgraded to version 1.1. I can make MWG connected to ePO, import rules but didn't knows it work or not? I had upload Artemis-high file to mediafire and set to known malicious on ePO but didn't block from MWG. How i can troubleshoot this prolems? Do you have any file on cloud so i can test with that file?
you can block any file regardless the McAfee Signature Information. If you set a file to "known malicious" MWG should block the donwload. Encrypted traffic or decoded transport options can make any Content invisible for MWG.
1) you can use the TIE samples from https://community.mcafee.com/docs/DOC-6470
2) Most file sharing platforms are using SSL encryption. Therefore SSL scan should be enabled.
3) If mwg queries the file this should be visible under TIE Reputations in EPO.
4) Take a look at the rule tracing central of the ruleset gets active
5) Check a TCPDump if there is a Connection to TIE Server or a DXL Broker.
I copied the Artemis-high file to our sharing platform. At the Moment i do not know if HTTP is allowed and working. Just try it.
I created the TIE rule on the MWG as described. I now see in the dashboard under DXL that all the DXL requests fail. I do have DXL setup under ePO in config. Anything else that i missed?
have you installed the Message Bus Extension in EPO and have you activated the McAfee Agent settings?
Can you see your MWG in the EPO System tree?