We are testing the ePO 4.6 Patch 2 agent on a select mix of systems including Windows XP & Windows 7. In the host firewall on each client is the default "McAfee Framework Service" which points C:\Program Files\McAfee\Common Framework\FrameWorkService.exe . This is the firewall exception that McAfee installed. Aftert upgrading these clients from ePO agent 126.96.36.1990 to 4.6 Patch 2, I noticed that the XP systems would not respond to agent wake-up calls.
I turned on firewall logging that noticed Dropped TCP packets to port 8081. If you add a port exclusions for port 8081 in the XP firewall then agent wake-up calls start working. This behaviour does not occur on the Windows 7 system which has the same default McAfee FrameWork service exception in the firewall. I have never had any issues with any of the 4.0x and 4.5x agents until now.
I called McAfee and was told that we had to add a port exception. This is hard in our environment as we don't have Active Directory as of yet. Also, it didn't answer the question why on XP systems agent wake-up calls work with 4.5x agent but not with 4.6 agents. Tried to escalate this issue to Tier 2 via our sales manager but got a call from a consultant who again didn't answer my question why and instead told me to deploy HIPS. I believe that someone has changed in the agent code from 4.5 to 4.6 to make this stop working under XP.
Has anyone else encountered this?