cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ezim
Level 9
Report Inappropriate Content
Message 1 of 4
‎03-16-2020 07:00 AM

ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution

We are seeing issues with the ENS 10.6.1 Firewall since we upgraded to the Feb 2020 (10.6.1.1447).

The wrong rules are getting matched.

Additionally, we are also having problems with not seeing all events being recorded in the FirewallEventMonitor.log file when NIPS is switched on.

 

Does anyone else see these issues?

0 Kudos
Reply
1 Solution

Accepted Solutions
ezim
Level 9
Report Inappropriate Content
Message 4 of 4
‎04-03-2020 09:35 AM

Re: ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution

See https://kc.mcafee.com/corporate/index?page=content&id=kb92611 for more information.

View solution in original post

Reply
3 Replies
rfranci
Employee
Employee
Report Inappropriate Content
Message 2 of 4
‎03-18-2020 01:52 AM

Re: ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution

Hi,

That’s strange, how the wrong rules are getting triggered!

It would be great if you can let us know the below details:

  • Was there any changes in the policy ?
  • What is the previous ENS version that you were using ?
  • How many machines have been impacted at the moment?
  • Was all the components of ENS including platform updated to latest version of 10.6.1?
  • What was the rule that was triggered wrong and what is the expected behavior of that rule?

 

Thank you,

0 Kudos
Reply
ezim
Level 9
Report Inappropriate Content
Message 3 of 4
‎03-18-2020 08:46 AM

Re: ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution

Hello @rfranci,

- There were no changes to the policy, the only change was the upgrade to the ENS Feb 2020 version

- The previous version is ENS Dec 2019

- All machines that had upgraded to the Feb 2020 version were impacted at the time

- All components were updated (Platform, Threat Prevention, Firewall, Web Control)

- The matched rule was "Allow McAfee signed applications"

I've raised a SR, but I haven't had an answer to what is causing the issue yet. It's most frustrating. I did find that the rule isn't parsed correctly on the Endpoint. And as able to find a work-round myself which I implemented and detail in the SR.

Thank you for your assistance.

0 Kudos
Reply
ezim
Level 9
Report Inappropriate Content
Message 4 of 4
‎04-03-2020 09:35 AM

Re: ENS 10.6.1 Feb 2020 update - Firewall issues -incorrect rule(s) matched

Jump to solution

See https://kc.mcafee.com/corporate/index?page=content&id=kb92611 for more information.

Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC