cancel
Showing results for 
Search instead for 
Did you mean: 
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 11 of 18

Re: ENS WC Block/Allow PAR causing other effective policies to change

That only shows assigned policies from system tree.  Please go to actions, directory management, view assigned policies and it will pull up a list.  It will show if assigned by rule or system tree and whether it is applied on the system or not.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

mtatro
Level 7
Report Inappropriate Content
Message 12 of 18

Re: ENS WC Block/Allow PAR causing other effective policies to change

Here's the assigned policy for that user specified by the PAR

2018-07-10 15_13_28-Window.png

 

I think we are not on the same page for what I have questions about. My original questions:

"1) Overwrites the other WC Block/Allow lists (not merging with other multi-slot from the System Tree). I was not able to find an article for WC saying this is intended behavior but I know the user PARs can replace other policies like FRP keys)."

I mentioned this is likely because of it replacing instead of being additive. You confirmed that in your earlier post. The first question is answered.

My second question is more what I am confused about.

"2) The WC Block/Allow policy PAR causes the System Tree policy for Content Actions to be change to something else (maybe Default?). It no longer has any category blocking defined for the system. Anyone have a good thoughts on this? It seems more like a bug than anything but I still have not found good articles on how PARs apply in relation to the rest of the policies application methods."

When I apply the PAR for Block./Allow, it changes the behaviour of the Content Action policy. You can see from the screenshot above it does not change the Contenct Action policy, but I know it does because by simply enabling/disabling the PAR for Block/Allow it also also causes my policy for blocking "Chat" category to become innactive, likely instead using a default policy instead or something. My question is if this is intended, a bug, or something else and if there was any documentation.

 

edited: formating of quotes.

 

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 13 of 18

Re: ENS WC Block/Allow PAR causing other effective policies to change

I understand your question, I am consulting with the ENS advanced team to validate what I believe is occurring.  I will get back with you shortly.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

mtatro
Level 7
Report Inappropriate Content
Message 14 of 18

Re: ENS WC Block/Allow PAR causing other effective policies to change

Ok great thanks! Thank you for being very active in replying and such. It's very much appreciated.
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 15 of 18

Re: ENS WC Block/Allow PAR causing other effective policies to change

The block and allow list policy lets you configure if an allowed site takes precedence in system based policies.  This will control also how content behaves based on what block/allow policy is set to.

What are your settings for this?

 

WCPolicy.png

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 16 of 18

Re: ENS WC Block/Allow PAR causing other effective policies to change

There may also be an agent issue involved.  WC enforces default policy because MA gets confused about who the logged in user is. Get detail MA logging, debug WC logging, and do an agent wake up call from ePO server set to force policy update.  Then I would recommend opening a ticket with McAfee for analysis.

ma debug is set in the agent policy.  Set the log size to 30 and rollover count to 3.  Ens debugging is also enabled in the ens policy - common, advanced settings.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 17 of 18

Re: ENS WC Block/Allow PAR causing other effective policies to change

Once you get that data and an SR open, please let me know the SR and we will get it up to dev as soon as possible. 

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 18 of 18

Re: ENS WC Block/Allow PAR causing other effective policies to change

Just fyi, the product engineer for this will be in the same area as the agent developer next week for them to have a good discussion on this, so it might be beneficial to you to get a case open as soon as possible. 

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community