7 Replies Latest reply on Nov 9, 2014 7:14 PM by larrymateo

    Application Control and Deep Freeze: Policy Activation Question.

    larrymateo

      Is anyone out there using Application Control (Solidcore) on Windows 7 endpoints that are also running Faronics Deep Freeze Enterprise version 7.51.220.4170?

       

      We're experiencing the following strange behavior when we update an existing policy--adding an updater or a binary to a rule group--that is already associated with a policy and that is already associated with a system tree group. If we pull down and enforce new policies from the endpoint or push them down from the ePO server, the status information on the McAfee Agent Monitor indicates that the endpoint's policies have been downloaded and are being enforced. However, the new rule that we added does not take affect until we do one of two things:

      [1] Thaw the machine and download the policy. It immediately takes affect.

      [2] Download the policy to the endpoint, enforce policies--at this point, the new rule has not taken affect--then edit the new rule in the rule group--this can be something as simple as changing a lower-case letter to an upper-case letter in any of the fields in the rule--then downloading and enforcing the policy again. Then the new rule takes affect.

       

      Has anyone else experienced this behavior and found a fix? Our expectation is that although the endpoints are frozen, the rules in updated policies should take affect as soon as the policy is downloaded and enforced on the endpoint.

       

      Thanks much.

       

      Hope this make sense.