I created 2 Firewall Rule Groups, one of them is Location Aware:
- On Domain (LAG: ePO reachability, DNS Suffix, DNS IPs)
- Off Domain (no LAG: only VPN allowed)
Now, after you disconnect the LAN cable, the LAG "On Domain" is still active for several minutes (open network). I managed to speed up the evaluation of the firewall rules by running cmdagent.exe -e.
Am I right, that the evaluation of LAGs only happens at the policy enforcement interval? And NOT when the network state (NIC connect/disconnect, WLAN connect/disconnect) changes??
While testing HIPS8 a few weeks ago, the behavior was different as I remember. Is it?
Go to Solution.
This behavior was fixed with ENS 10.1.1 because of my case I opened.
Since then the evaluation of LAGs happen when the network state changes.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center
2821 Mission College Blvd.
Santa Clara, CA 95054 USA
Consumer Support | Enterprise Support | McAfee.com
Legal | Privacy | Copyright © 2019 McAfee, LLC