1 2 3 Previous Next 28 Replies Latest reply on Apr 9, 2008 12:21 PM by metalhead

    Help, Clients wont enable firewall.

      I have recently created new 6.x firewall rules in HIPS. Within HIPS I have enabled the firewall for the three computers in my test group (within EPO) and they all have the HIPS component installed. When I open the HIPS console on each client it states that the "firewall is disabled - all traffic allowed."

      Furthermore, on some client machines the rules show, while on other machines they do not. Is there anything I'm missing on why the firewall will not enable on the clients? I have forced the client to communicate with EPO but that does not seem to reslove the problem.

      Thanks in advance.
        • 1. RE: Help, Clients wont enable firewall.
          metalhead
          What are your ePO server, agent and hips version numbers ?
          • 2. RE: Help, Clients wont enable firewall.
            This sounds like CMA policy corruption. What version/build number of CMA are you running?
            • 3. RE: Help, Clients wont enable firewall.
              From doing the "About" on one of the clients, I see

              epo agent is 3.6.0.574

              HIPS 6.1.0 build number 506

              Looking at the epo console

              Server Version is 3.6.1.202, Enterprise Edition

              How can you tell what version of CMA is in use?

              Thanks
              • 4. RE: Help, Clients wont enable firewall.
                tonyb99
                CMA is EPo agent is Mcafee agent
                (different names for the same thing)

                you are running 3.6.0.574 which is agent 3.6 patch 3

                Sorry cant help with HIPS as dont use it at all, but im sure Raja will check back with this thread soon.
                • 5. Situation Update:
                  Just today (4 days after enabling the firewall on EPO) one of my three client machines inherited the firewall policies. The other two client machines are still obstinate and refuse to enable the firewall. However one still shows the firewall rules while the other does not.

                  Any direction on where to look or what to tweak is greatly appreciated.
                  • 6. A working theory
                    On the machine where the firewall finally kicked in(And I still want to know how that occurred after 4 days), when I clicked on the client to disable the firewall, I now am unable to click on anything to restore the firewall.

                    Which leads me to think, that maybe the firewall was manually disabled on the others, and so I need to figure out how to enable the firewall again.

                    I may test by putting a new machine in the group to see if it will pick up the policy upon joining the group.
                    • 7. RE: A working theory
                      metalhead
                      Is there a reason why you do not use HIPS 7 ? Also there is patch 3 for HIPS 6.1 available which might help ...
                      • 8. RE: A working theory
                        That is a little outside of my purview. I share the epo server with many other departments/units. So I am not the main admin, just an admin for the units wherein my agent has coverage, so the decision to use 7 would have to be made higher up than me.


                        What does anyone think about my new theory, i.e, it seems like, there may be something manual that i did, or can do to get the firewall back on. Unfortunately, my new test machine, i did not check before I left for the day to see if it got the policy and enabled the firewall
                        • 9. RE: A working theory
                          metalhead
                          First of all please post the agent_%computername%.log of an affected client to check if the HIPS polices are enforced.
                          1 2 3 Previous Next