Community Help Hub

andymease · ‎10-23-2009

Anybody else seeing issues with policy application for HIPS 7 on Windows 7?
I've applied patch 6 and still see the issue of my policies not being applied....default password still in use etc. I've opened a call with McAfee and am unsure if this is widespread. We're using ePO 4.5 btw...

Andrew

petr.bohac · ‎10-24-2009

Do you have the correct extension loaded in ePO as per this KB https://kc.mcafee.com/corporate/index?page=content&id=KB65997 ?

We're on ePO 4P5 and MA4P3 and it works fine though ...

"Host IPS 7.0.4 extension for ePolicy Orchestrator is required for correct policy management of clients running Microsoft Windows 7. The extension also corrects reports and dashboard views from ePO 4.0 for Host IPS clients running 7.0 Patch 5 or later."

andymease · ‎10-26-2009

yeah we have that extension installed and it has not worked with patch 4, 5 or 6 - This is on an ePO 4.5 server however

petr.bohac · ‎10-27-2009

Weird ... unfortunately I'm not running ePO 4.5 so this might be the problem. What MA do you use? 4 or 4.5? Did you try to create a new client update tasks from scratch ... as I had to re-create them in order to have it working on Win 7.

andymease · ‎10-27-2009

We've tested agent 4p2, 4p3 and 4.5. Tasks are not the issue - policies are. I have recreated those and it hasn't made a difference. The bad thing is that the agent gives no indication that it isn't applying the polciy - from the log everything appears to be working. The way we discovered it was when trying to unlock the HIPS console because it does not use the password we have set in the policy and instead keeps the default. After that we tested different policies and noticed that it was staying with the defaults no matter what policy we set.

Andrew

JeffGerard · ‎10-27-2009

hmm...running epo 4.5/ma 4.5 here with hips7 p6 and not experiencing your issue on win7 x64.
Are your policies set to enforce? Have you done a wakeup call with both options/force policy update checked?

mjm · ‎10-30-2009

Hi all.

I dont know If I'm posting to the correct thread here, but lets give it a go.

We have just rolled out the ePO 4,5 and the 4,5 agents on our networks.

I have also imported the hotfix 2 for VSE 8.7 so everything should be normalized and all patches quite ready.

I have seen the following issues for win_7 64-bit and Vista 64-bit, no- package received when checking new policies on these agents. And the policies have changed indeed.

I'm in need of changing the policies because we create our own SMPT programs which sends quite a bit of mail, and we discovered that the HIPS prevented this (Classic Worm Spread scenario). I changed the policy to allow mass emailing for users who required this option, but only XP-32 bit machines gets the new policy and updates accordingly.

This means that we have quite a few Vista 64-bit and Win-7 machines that have not updated their policies.

The hot fix link mentioned earlier in this thread appears to be broken from where I'm standing.

Any ideas on how I should proceed with this issue?

Mjm
S.O and SSE

andymease · ‎10-30-2009

What patch for HIPS? What HIPS extension do you have checked in?

Andrew

mjm · ‎10-30-2009

Actually it's based on the Host Intrusion Prevention content, which was integrated in the ePO 4,5.

And I may have said smth untrue, if HIPS is a standalone product. We're currently using the VSE 8.7 build 570 with hotfix 2.

The Engine is 5301.4018

But the policies being updated go for more than the access and firewall control. It seems I am completely unable to roll out new policies for win-7 and vista 64-bit once the agent 4,5 has conducted it's first and initial GUID sequence with the server.

Rolling out tasks and updates and product deployment seems to work fine.

staples · ‎12-20-2009

I am encountering the same issue, after the initial policy pull, it no longer receives policy.

Did you find a solution?

My System Information --

McAfee Agent Version number: 4.5.0.1270

McAfee AntiSpyware Enterprise Module Version number: 8.7.0.129

VirusScan Enterprise + AntiSpyware Enterprise Version number: 8.7i (8.7.0.570) Build date: 9/1/2009

Scan engine version (32-bit): 5400.1158

DAT version: 5837.0000

DAT Created on: 2009/12/19

HIPS 7 on Windows 7 Policy Application Issue

RE: HIPS 7 on Windows 7 Policy Application Issue

RE: HIPS 7 on Windows 7 Policy Application Issue

RE: HIPS 7 on Windows 7 Policy Application Issue

RE: HIPS 7 on Windows 7 Policy Application Issue

RE: HIPS 7 on Windows 7 Policy Application Issue

Policy enforcment issues

RE: Policy enforcment issues

RE: Policy enforcment issues

Re: RE: Policy enforcment issues

Community Help Hub

Join the Community