Do you have the correct extension loaded in ePO as per this KB https://kc.mcafee.com/corporate/index?page=content&id=KB65997 ?
We're on ePO 4P5 and MA4P3 and it works fine though ...
"Host IPS 7.0.4 extension for ePolicy Orchestrator is required for correct policy management of clients running Microsoft Windows 7. The extension also corrects reports and dashboard views from ePO 4.0 for Host IPS clients running 7.0 Patch 5 or later."
yeah we have that extension installed and it has not worked with patch 4, 5 or 6 - This is on an ePO 4.5 server however
Weird ... unfortunately I'm not running ePO 4.5 so this might be the problem. What MA do you use? 4 or 4.5? Did you try to create a new client update tasks from scratch ... as I had to re-create them in order to have it working on Win 7.
We've tested agent 4p2, 4p3 and 4.5. Tasks are not the issue - policies are. I have recreated those and it hasn't made a difference. The bad thing is that the agent gives no indication that it isn't applying the polciy - from the log everything appears to be working. The way we discovered it was when trying to unlock the HIPS console because it does not use the password we have set in the policy and instead keeps the default. After that we tested different policies and noticed that it was staying with the defaults no matter what policy we set.
hmm...running epo 4.5/ma 4.5 here with hips7 p6 and not experiencing your issue on win7 x64.
Are your policies set to enforce? Have you done a wakeup call with both options/force policy update checked?
I dont know If I'm posting to the correct thread here, but lets give it a go.
We have just rolled out the ePO 4,5 and the 4,5 agents on our networks.
I have also imported the hotfix 2 for VSE 8.7 so everything should be normalized and all patches quite ready.
I have seen the following issues for win_7 64-bit and Vista 64-bit, no- package received when checking new policies on these agents. And the policies have changed indeed.
I'm in need of changing the policies because we create our own SMPT programs which sends quite a bit of mail, and we discovered that the HIPS prevented this (Classic Worm Spread scenario). I changed the policy to allow mass emailing for users who required this option, but only XP-32 bit machines gets the new policy and updates accordingly.
This means that we have quite a few Vista 64-bit and Win-7 machines that have not updated their policies.
The hot fix link mentioned earlier in this thread appears to be broken from where I'm standing.
Any ideas on how I should proceed with this issue?
S.O and SSE
What patch for HIPS? What HIPS extension do you have checked in?
Actually it's based on the Host Intrusion Prevention content, which was integrated in the ePO 4,5.
And I may have said smth untrue, if HIPS is a standalone product. We're currently using the VSE 8.7 build 570 with hotfix 2.
The Engine is 5301.4018
But the policies being updated go for more than the access and firewall control. It seems I am completely unable to roll out new policies for win-7 and vista 64-bit once the agent 4,5 has conducted it's first and initial GUID sequence with the server.
Rolling out tasks and updates and product deployment seems to work fine.
I am encountering the same issue, after the initial policy pull, it no longer receives policy.
Did you find a solution?
My System Information --
McAfee Agent Version number: 188.8.131.520
McAfee AntiSpyware Enterprise Module Version number: 184.108.40.206
VirusScan Enterprise + AntiSpyware Enterprise Version number: 8.7i (220.127.116.110) Build date: 9/1/2009
Scan engine version (32-bit): 5400.1158
DAT version: 5837.0000
DAT Created on: 2009/12/19