cancel
Showing results for 
Search instead for 
Did you mean: 
andymease
Level 10
Report Inappropriate Content
Message 1 of 11

HIPS 7 on Windows 7 Policy Application Issue

Anybody else seeing issues with policy application for HIPS 7 on Windows 7?
I've applied patch 6 and still see the issue of my policies not being applied....default password still in use etc. I've opened a call with McAfee and am unsure if this is widespread. We're using ePO 4.5 btw...

Andrew
10 Replies

RE: HIPS 7 on Windows 7 Policy Application Issue

Do you have the correct extension loaded in ePO as per this KB https://kc.mcafee.com/corporate/index?page=content&id=KB65997 ?

We're on ePO 4P5 and MA4P3 and it works fine though ...

"Host IPS 7.0.4 extension for ePolicy Orchestrator is required for correct policy management of clients running Microsoft Windows 7. The extension also corrects reports and dashboard views from ePO 4.0 for Host IPS clients running 7.0 Patch 5 or later."
andymease
Level 10
Report Inappropriate Content
Message 3 of 11

RE: HIPS 7 on Windows 7 Policy Application Issue

yeah we have that extension installed and it has not worked with patch 4, 5 or 6 - This is on an ePO 4.5 server however
Highlighted

RE: HIPS 7 on Windows 7 Policy Application Issue

Weird ... unfortunately I'm not running ePO 4.5 so this might be the problem. What MA do you use? 4 or 4.5? Did you try to create a new client update tasks from scratch ... as I had to re-create them in order to have it working on Win 7.
andymease
Level 10
Report Inappropriate Content
Message 5 of 11

RE: HIPS 7 on Windows 7 Policy Application Issue

We've tested agent 4p2, 4p3 and 4.5. Tasks are not the issue - policies are. I have recreated those and it hasn't made a difference. The bad thing is that the agent gives no indication that it isn't applying the polciy - from the log everything appears to be working. The way we discovered it was when trying to unlock the HIPS console because it does not use the password we have set in the policy and instead keeps the default. After that we tested different policies and noticed that it was staying with the defaults no matter what policy we set.

Andrew

RE: HIPS 7 on Windows 7 Policy Application Issue

hmm...running epo 4.5/ma 4.5 here with hips7 p6 and not experiencing your issue on win7 x64.
Are your policies set to enforce? Have you done a wakeup call with both options/force policy update checked?
mjm
Level 7
Report Inappropriate Content
Message 7 of 11

Policy enforcment issues

Hi all.

I dont know If I'm posting to the correct thread here, but lets give it a go.


We have just rolled out the ePO 4,5 and the 4,5 agents on our networks.

I have also imported the hotfix 2 for VSE 8.7 so everything should be normalized and all patches quite ready.

I have seen the following issues for win_7 64-bit and Vista 64-bit, no- package received when checking new policies on these agents. And the policies have changed indeed.

I'm in need of changing the policies because we create our own SMPT programs which sends quite a bit of mail, and we discovered that the HIPS prevented this (Classic Worm Spread scenario). I changed the policy to allow mass emailing for users who required this option, but only XP-32 bit machines gets the new policy and updates accordingly.

This means that we have quite a few Vista 64-bit and Win-7 machines that have not updated their policies.

The hot fix link mentioned earlier in this thread appears to be broken from where I'm standing.

Any ideas on how I should proceed with this issue?


Mjm
S.O and SSE
andymease
Level 10
Report Inappropriate Content
Message 8 of 11

RE: Policy enforcment issues

What patch for HIPS? What HIPS extension do you have checked in?

Andrew
mjm
Level 7
Report Inappropriate Content
Message 9 of 11

RE: Policy enforcment issues

Actually it's based on the Host Intrusion Prevention content, which was integrated in the ePO 4,5.

And I may have said smth untrue, if HIPS is a standalone product. We're currently using the VSE 8.7 build 570 with hotfix 2.


The Engine is 5301.4018


But the policies being updated go for more than the access and firewall control. It seems I am completely unable to roll out new policies for win-7 and vista 64-bit once the agent 4,5 has conducted it's first and initial GUID sequence with the server.

Rolling out tasks and updates and product deployment seems to work fine.

Re: RE: Policy enforcment issues

I am encountering the same issue, after the initial policy pull, it no longer receives policy.

Did you find a solution?

My System Information --

  McAfee Agent Version number: 4.5.0.1270 

  McAfee AntiSpyware Enterprise Module Version number: 8.7.0.129

  VirusScan Enterprise + AntiSpyware Enterprise Version number: 8.7i (8.7.0.570) Build date: 9/1/2009

  Scan engine version (32-bit): 5400.1158

  DAT version: 5837.0000

  DAT Created on: 2009/12/19

  

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator