2 Replies Latest reply on Oct 12, 2017 6:23 AM by frank_enser

    Access Protection


      Hi Community, this is my first Post/Question


      I use ENS 10.5.2 with Agent 5.0.5 and configured from EPO- Server.


      I Need to allow some .VBS scripts from the **/Windows/temp/*.vps Folder but the Rule "ACCESS PROTECTION 24h -> Executing scripts by Windows script host (CScript.exe or Wscript.exe) from common user folders " is blocking it, even though i wrote an Exception for it in the Rule itself.


      to Keep it simple i excluded **Windows\Temp\*.vbs in the Rule but .vbs Scripts Keep getting blocked.





      i do not know what is wrong and my config. it does not matter if i address the single file or if i allow all *.vbs in **/temp/*.vbs  Folders. they get blocked anyway.


      Maybe you can see what i am doing wrong.


      Thank you very much in advance,




        • 1. Re: Access Protection



          Im checking my Access Protection and wonder what you added in "Exclusions" for this files to be excluded?


          In my case, MSIEXEC.EXE have the following settings:

          • 2. Re: Access Protection



            this rule is McAfee defined and you cannot exclude target paths/files. But you can recreate this rule: just create a new rule, add the cscript, wscript, ... executables under "Ausführbare Dateien" and add the TEMP folders under "Untergeordnete Regeln"/"Ziele" but add a "Ziel" with **\Windows\Temp\*.vbs and "Einschlussstatus" is "Ausschließen".