9 Replies Latest reply on Feb 1, 2017 1:11 AM by darren_lee

    Framepkg.exe reputation with TIE?

    darren_lee

      Hi all,

       

      I am having minor problems with GTI reputation for FRAMEPKG.EXE with TIE server and Dynamic Application Containment.

       

      When I check the TIE reputations in EPO for FRAMEPKG.EXE for the version 5.x agents, some of the versions have no reputation listed including 5.0.4.449.  Some versions are listed as "most likely trusted". 

       

      I am using Dynamic Application Containment for files that are "unknown" by TIE.  So when FRAMEPKG.EXE has no reputation in TIE, it gets contained, and then gets shutdown when it triggers DAC rules (as many installers do).

       

      For the moment I have set the Enterprise reputation to "Known Trusted" for each framepkg.exe version in my environment which resolves the problem and allows the agent to install without DAC stopping it, however I would have thought that McAfee would ensure their components have a reputation in GTI to prevent deployment issues?