Running EPO 4.0 with 8.5 AV Yesterday, our mail server went down! According to the net admins, McAfee EPO was the culprit. Here is what I know so far:
The Exchange server had a policy - "On Access Default Proccesses scan" with the list of files to be excluded!
It seems that a particular file exclusion (in Exchange) was left off. The problem is that the net admin knows he put the file on the list, so if something were to get in, it would quarantine rather than delete (which it did and we lost a good deal of the day without emails)
My question at this time is this: If I create a policy and then edit that policy or "Any" policy" for that matter-Why does the log not show a change to the policy by the user who made the change? Is this a McAfee "glitch"?