An endpoint with ENS is being blocked by McAfee ePo firewall, with the log being generated as follows:
"Time: 12/26/2019 01:40:17 PMEvent: TrafficIP Address: 10.10.x.xxDescription: PROPHET BROKER SERVICEPath: C:\Program Files\ProphetSuite\Prophet Worker\bin64\Broker.exeMessage: Blocked Incoming TCP - Source 10.10.x.xx : (63784) Destination 10.10.x.xx : (9008)Matched Rule: Block all traffic"
So, what rule should I configure to whitelist this app?
Go to Solution.
Thank you for your response.
There are 2 ways to handle this.
Is the source IP static? If yes, that would go under the allow rule's local IP.
If the remote IP is static or if the port is static, I would recommend adding them too.
I am sure this rule should help you bypass the Block All rule. The place for this rule should not be a problem since Block all is a hidden rule that is placed at the bottom of all customer rules.
View solution in original post
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center
2821 Mission College Blvd.
Santa Clara, CA 95054 USA
Consumer Support | Enterprise Support | McAfee.com
Legal | Privacy | Copyright © 2019 McAfee, LLC