4 Replies Latest reply on Sep 21, 2016 9:52 AM by gph12

    OAS Randomly Disabled and also sometimes, randomly automatically enabled back again




      I am facing OAS randomly disabled in some of my managed systems with apparently no reason as this happens with different machine types, different Operating Systems, different McAfee products installed and, it also happened with different McAfee product versions.


      The issue originally started to happen with the following products:

      - McAfee ePO 5.1.0

      - McAfee Agent

      - McAfee Virus Scan Enterprise


      I upgraded ePO to 5.1.1 build 357 and also McAfee Agent to the Then McAfee VSE to the, expecting this issue to be fixed but, although the number of affected systems has been reduced, it is still happening.


      I have workstations and also servers affected. Windows 2008, 2012, 7 and 8 are the operating systems affected. In some WS, I have HIPS 8.0 installed and in other WS affected, I don't have HIPS so, the fact of bot HIPS and VSE are using the same vscore seems not to be the common root cause in this case.


      When OAS is disabled in a system, maybe after some minutes, hours or days, can be automatically fixed and enabled back again but, in some other cases, they remain disabled. I have followed the William Warren' blog (On Access Scanner:  Why is it disabled? ) but no luck. All the causes do not match in this scenario. In the upgrade, I also followed the paths for upgrading products but, no luck (McAfee KnowledgeBase - Supported upgrade paths for McAfee Agent, VirusScan Enterprise, and Host Intrusion Prevention ).


      I have an SR opened in McAfee but, they are trying to fix it by uninstalling and installing back the product. Honestly I would like to know why this is happening and, try to find a solution for not being reinstalling products when the issue is detected as I have thousands of managed systems and not only 1 ePO server.


      Any advice?. Can you please help me on this?. Did you face any similar issue?


      Thank you very much in advance


         Alejandro Bustos.