cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 1

Automated Unhandled Threat Handling Issues

HI  All ,

                   I created an Automated Task in EPO 4.6.4 for Unhandled threats in our Location,

It consist of Two Automated Task

First One , whenever an Unhandled threat is detected , It  moves the system to an OU , where all ports are being blocked except Mcafee EPO server (Access Protection Policies ), so there is no chance of propagation , and then immedeately On Demand Scan is Initiated .

The Second Automated task

                        Once The On Demand Scan is completed it moves back to the previous OU , based on Tag Criteria

Everything work fines , but the Issue is that if there are N number of events , or a false alert , then entire systems would be with no Network access moved to that OU , is there any mechanism to address that also in case of Tag Criteria there are number of SUB OU , is there any mechanism to automatically change the access protection policy once alert is triggered and these systems should be reverted back with the MY Default access protection Policies rather than moving to an OU where access protection policy for port blocking is applied .

Any Ideas and suggestion for this !

Regards

Roland CJ

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community