cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 4
‎08-06-2020 02:34 AM

Application Control Default policies are blocking everything

Jump to solution

Dear Guys,

After deploying Application Control 8.2 on on all the clients we sent the SCEnable_AppCtrl_Windows_CWD task to all the clients. Our purpose was only to run inventory task and have a full list of applications in the network. The problem is that the Application Control is blocking almost every executables while our only goal was to have an inventory of applications not to block them. How is it possible to allow all the applications and executable to run? Please take a look at the below picture. We want all the applications to run and expect the Application Control just to make an inventory for us and not more yet.

Thank you in advance.

photo_2020-08-06_14-00-56.jpg

0 Kudos
Reply
2 Solutions

Accepted Solutions
Kenchee_etf
Employee
Employee
Report Inappropriate Content
Message 2 of 4
‎08-06-2020 04:53 AM

Re: Application Control Default policies are blocking everything

Jump to solution

Hello @Former Member 

May I ask, why are you using 8.2 instead of 8.3 version especially because I think this fits better to the scenario of usage you are describing:

*** McAfee Application Control and McAfee Change Control 8.3.x - Windows Product Guide (What is Inventory mode?)
https://docs.mcafee.com/bundle/application-control-8.3.x-product-guide-windows/page/GUID-94CE62B2-580B-4BA9-8D48-9B966EE85F68.html

I hope this helps.

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

View solution in original post

Reply
BenEllis
Employee
Employee
Report Inappropriate Content
Message 4 of 4
‎08-07-2020 05:27 AM

Re: Application Control Default policies are blocking everything

Jump to solution

Whitelist is everything that is allowed to run. This is created with Initial solidification.

You can configure your policy to ban by name/checksum or by reputation.

https://docs.mcafee.com/bundle/application-control-8.3.x-product-guide-windows/page/GUID-C0A5172B-DC...

 

Please go through our product guide. It should help you understand the product. You can always call into support and they will help you with certain issues. but what you are asking is very generic of the product. 

 

One place you can start is our landing page:

https://www.mcafee.com/enterprise/en-us/products/application-change-control/support.html

 

this will give you location of our documents and best practices. 

BenJamin Ellis

View solution in original post

Reply
3 Replies
Kenchee_etf
Employee
Employee
Report Inappropriate Content
Message 2 of 4
‎08-06-2020 04:53 AM

Re: Application Control Default policies are blocking everything

Jump to solution

Hello @Former Member 

May I ask, why are you using 8.2 instead of 8.3 version especially because I think this fits better to the scenario of usage you are describing:

*** McAfee Application Control and McAfee Change Control 8.3.x - Windows Product Guide (What is Inventory mode?)
https://docs.mcafee.com/bundle/application-control-8.3.x-product-guide-windows/page/GUID-94CE62B2-580B-4BA9-8D48-9B966EE85F68.html

I hope this helps.

Was my reply helpful?

If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
Reply
Former Member
Not applicable
Report Inappropriate Content
Message 3 of 4
‎08-07-2020 01:41 AM

Re: Application Control Default policies are blocking everything

Jump to solution

@Kenchee_etf 

Thank you for your reply.

I actually solved the problem by putting all the clients on Observe mode. However what I am looking to find is that how to edit the Whitelist. I am able to add the found applications in whitelist but cannot find how to delete them from the list. Also it is somehow weird that on some clients even cmd.exe is blocked but on others no. Actually I did not expect such complexity in this program.

One more thing is that in comparison with Kaspersky Application Control where we face Whitelists and Blacklist mode which lets us to decide which way we look. To let only the whitelisted programs to run and block the others or let everything run except the blacklisted one. However I know that blacklisting specific apps is possible through ENS Access Protection but is it possible in Application Control as well?

Thank you in advance.

0 Kudos
Reply
BenEllis
Employee
Employee
Report Inappropriate Content
Message 4 of 4
‎08-07-2020 05:27 AM

Re: Application Control Default policies are blocking everything

Jump to solution

Whitelist is everything that is allowed to run. This is created with Initial solidification.

You can configure your policy to ban by name/checksum or by reputation.

https://docs.mcafee.com/bundle/application-control-8.3.x-product-guide-windows/page/GUID-C0A5172B-DC...

 

Please go through our product guide. It should help you understand the product. You can always call into support and they will help you with certain issues. but what you are asking is very generic of the product. 

 

One place you can start is our landing page:

https://www.mcafee.com/enterprise/en-us/products/application-change-control/support.html

 

this will give you location of our documents and best practices. 

BenJamin Ellis
Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC