Who Me Too'd this topic

cancel
Showing results for 
Search instead for 
Did you mean: 

Who Me Too'd this topic

ENS / AMSI support triggers 3rd party app to fail

Hello,

is anybody affected by AMSI feature as it is included in ENS Threat Protection?

We are running a deployment solution that got interfered by the way McAfee handles AMSI.

If enabled AMSI (even in observe mode) in OAS policies our deployment agent fails, if disabled everything is fine, better was fine..... since we started deploying ENS 10.7 disabling AMSI does not the trick, means our deployment agent does not work anymore....

Following had been installed on the PC's:

McAfee Endpoint Security Platform 10.7.0.1285

McAfee Threat Protection 10.7.0.1415

McAfee Adaptive Threat Protection 10.7.0.1285

McAfee Threat Protection 10.7.0.1415

McAfee Web Control 10.7.0.1086

 

Actually there is no way to get the deployment agent running other than removing 10.7 or rolling back to 10.6. Strange thing (valid for all ENS version) no event or log is written by ENS even if debug log is enabled. It simply blocks it.

Support tickets had been opened month ago at McAfee and the deployment solution vendors support. The play kind of ping pong on customers back, blaming each other and that's it. No solution, no progress.

Just for the record, our setup was also tested using 4 other AV vendors and none of them had an issue. Neither with the used deployment solution nor with Windows 10 AMSI. In my opinion it is ENS who is causing the trouble due to this.

Anyone else having issues with applications if the AMSI is enabled in the OAS policies? How did you fix it? Any help appreciated....

KR

 

 

Who Me Too'd this topic

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community