Guys, over the past 12 months since our upgrade to ePO 5.1 we have had numerous issues with policy changes not applying at the clients. We have engaged our vendor/reseller at length and they have not been able to identify the issue until recently. It seems that old polices not visible in the ePO interface are still applying. They are indicating to use that it looks like there is some corruption in the DB or the like but have not yet provided further detail. from a bit of searching I found this:
This KB strikes me as pretty alarming for a product of this nature.
Can you please give us more information about your environment? What version of EPO are you running? What VSE Extensions do you have installed? What version of VSE is showing on the endpoint, when you check directly? What version reports as installed in EPO? What version of McAfee Agent is installed? What operating systems are involved and is there a more common OS that this issue occurs with? What specific policies are not getting enforced? i.e. Do On Access Scan policies apply and Access Protection does not?
Can you please provide a screenshot of the following: Find a system that is encountering this issue in EPO's system tree. Place a check next to that system, then click Actions > Directory Management > View Assigned Policies.
We have a call open with McAfee directly now so i will udpate with any details I get. Environment is:
That last step will show you if EPO thinks it is applying the policy. When MA gets the policy catalog from EPO, it is supposed to send back a flag to EPO that states whether or not the policies have been applied. Thats why I like that view, opposed to "View Policies on a Single System"
I am trying to think what we did to resolve the issue. Yeah, its been a few months since. I want to say we either upgraded the MA extension, Upgraded MA to the latest, reinstalled VSE, and/or upgraded to ENS. As of today, this is no longer an issue.