3 Replies Latest reply on Jul 21, 2016 6:00 AM by moriega

    ENS10.1 Firewall component


      It seems like this component has taken a step backwards in terms of functionality compared to HostIPS 8.0. Some things I have noticed so far:


      1) The GUI for blocked/allowed traffic doesn't exist anymore. I now need to dig into the text log specifically and load it with something like BareTail in order to get any useful information out of it.

      2) The event log pane doesn't show ANY Firewall events, though there are plenty.

      3) Adaptive mode doesn't pull the digital signer information from applications and put it into the Firewall Catalog or Firewall Rule entry list in ePO.

      4) There is no clientcontrol.exe equivalent to easily pull information on executables.

      5) When manually adding an executable as a rule to an endpoint - the digital signature information gets inserted backwards.


      Anyone else notice these issues?