I know that there is a hotfix for OpenSSL Heartbleed vulnerability for ePO, but for my information i have the follwong question:
I have Mcafee HIPS installed on the ePO server, As you know that the default TCP port 8443 is used by the ePO Application Server service to allow web browser UI access. Now! if I create HIPS firewall rule to restrict this port (8443) to only ePO admins computers ip’s, that means it will allow only ePO admins to use browser to access the ePO server. Do you think this will help on avoiding OpenSSL Heartbleed?
I appreciate your help
Probably not because agent communications occur through apache.exe on 443 and 80. I believe the main issue with OpenSSL is with apache communications, unless tomcat.exe also uses OpenSSL, then yes, your firewall rule would help "some".