I can just give you a hint as I´m just getting familiar with the Firewall:
Under Endpoint Security Firewall :Firewall > Options > Your Rule
At the very bottom there is an option for trusted executables.
Maybe you can try to add them there and have a look if the errors still accour.
Thanks for your reply!
That's what Support told me to do. But this would create a bi-directional rule on top that allows ANY communication of that EXE. That's not a solution.
The strange thing I noticed are log entries like "Setting the FW bBlockUntrusted to 1 succeeded" and later "Setting the FW bBlockUntrusted to 0 succeeded". But there exists no policy at all with "Block all untrusted executables" enabled on my ePO. And I have 2 ePOs running. Clients on both servers suffered from that condition. Even the two default McAfee Policies do not have this option checked.
So, noone knows why the heck my clients sometimes get the setting BlockUntrusted = 1 and from where.
What I can say now......it disappeared since I re-saved EVERY policy on the server. Changed one checkbox --> SAVE......changed back that checkbox --> SAVE again.
Hoping now the error is gone.
Okay then i hope that did the trick for you.
My next guess would be that it is one of the rules the sets dynamic firewall rules.
I know you said these options are unchecked, but maybe something went wrong during saving or what not. So in this case saving them again should do the trick.