Pushed Application Blocking Policy from EPO and is not enforcing on Agent
I deployed an application blocking policy via the EPO to a server with the agent running on it--the policy was told to block everything. To test to see if the agent blocked everything, we tried to install a new application on the server with the agent running on it--the agent should have blocked the application from being installed, but instead it just allowed the application installation. we can see the policy being deployed on the server while watching the logs we see the following: loading update from catalog.xml, Update list doesnt exist or is empty. i have the feeling that nothing is in the policys we are attempting to deploy.
We have tried this all ways, regular mode, adaptive mode, learned mode.
And we cant seem to view the rules which are created via the adaptive mode.
Re: Pushed Application Blocking Policy from EPO and is not enforcing on Agent
Application blocking in HIPS is a default deny so once you enable application blocking it will block any application that you do not have an explicit rule set to allow. Check the local HIPS console and see if application blocking is enabled. If it is (because by default it is disabled) then the policy from EPO is enforcing fine and you should raise a query with the HIPS group.
If it is not you may want to attach a copy of the agent log on an affected client for further review.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.