4 Replies Latest reply on Apr 25, 2014 9:43 AM by a13xchan

    [Nightmare] VirusScan Enterprise Firewall Exceptions!!!

    a13xchan

      Hi All, i have been trying to jump through loops of fire with McAfee Tech Support and sales but thought i would ask the community how they did it.

       

      Scenario ...

       

      hundreds servers and a thousands of desktops all managed by epo. AV and Agent is installed on the machines/ servers and updated , patched over time. This then results in firewall rules automatically added to the windows firewall rule set. Overtime this generates duplicate rules. This in some cases leads to 20 duplicate rules which allow 'any' connection to that port and exe.

       

      This on pen tests and a various other tests / checks makes it flag up read and not idea when you know you can lock that port down to be more secure.

       

      How does everyone else out there clean up the rules and prevent this from happening as there is nothing in the product set to prevent the rules from being created?