3 Replies Latest reply: Jan 9, 2015 6:23 AM by Richard Carpenter RSS

    How to detect & disable McAfee (HIPS) Desktop Firewall on Mac

    mcdave

      Hi,

       

      I noticed that Endpoint Protection for Mac 2.1 includes a desktop firewall.
      It seems that this FW is turned on by default which makes us running in all kinds of remote access issues (blocking all incoming ping requests).

       

      According to the documentation this Mac desktop FW uses the same HIPS FW policies as windows (ePO 5.1 server)
      But:

      • our default HIPS FW options policy is set to "DISABLE":
      • Neather does our default rules policy block incomming ping requests:

      Additional Question is, how can I detect via epo if the Desktop FW on a mac is installed? I can't see it in the system details pages?

       

       

      regards,

      Dave

        • 1. Re: How to detect & disable McAfee (HIPS) Desktop Firewall on Mac
          llamamecomoquieras

          Hi,

           

          In VSE for MAC the Firewall is installed by default as it is integrated in the product so all your MAC computers will have it.

           

          The policy that you are checking is HIPS that is completelly diferent product that VSE MAC (Firewall).

           

          To check and disable Firewall for mac go to the VSE MAC policy and you will find in one of the tabs the option for the Firewall.

           

          Best regards,

           

          José María

          • 2. Re: How to detect & disable McAfee (HIPS) Desktop Firewall on Mac
            mcdave

            The Firewall policies for the imbedded desktop firewall insite McAfee Endpoint Protection are managed via the HIPS Policies (it's all clearly mentioned in the documentation of the product)

            There seems to be an issue with the Management Agent syncing the Desktop Firewall (HIPS) policies. (I've created a support ticket, for the issue and it's already confirmed there is an issue with the Agent & syncing the FW properties, all other properties (anti malware & application protection) are syncing correctly) atm it's escalated to Tier level 2 support.

            • 3. Re: How to detect & disable McAfee (HIPS) Desktop Firewall on Mac
              Richard Carpenter

              Hi,

               

              If you only want the Anti Malware product (IE Virusscan for Mac) and you dont want/use Application protection or the Firewall (HIPS),you could remove "McAfee Endpoint Protection for Mac <build>" and just deploy "McAFee Endpoint Protection for Mac - AV <build>" which only installs the Anti Malware components and products.

               

              Regards

               

              Rich