cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
BleachX
Level 10
Report Inappropriate Content
Message 1 of 4
‎05-01-2023 01:20 PM

Protection Workspace showing Data eXchange Layer out of compliance on RHEL 6 ONLY

Jump to solution

We have a small amount of RHEL 6 boxes still being used on some Government contracts.  DXL was working for all systems until we upgraded to Trellix Agent 5.7.9.  I've been unable to figure out why this is happening.  By chance, is anyone else out there noticing DXL issues in Protection Workspace after upgrading to TA 5.7.9?  Does anyone have an idea of what I can try to fix this?

 

Update: As soon as I removed TA 5.7.9 and put the previous version on it, DXL connected again and compliance went up.  Is there something that stops DXL with RHEL 6 when installing TA 5.7.9???

0 Kudos
Reply
1 Solution

Accepted Solutions
BleachX
Level 10
Report Inappropriate Content
Message 4 of 4
‎05-04-2023 06:30 AM

Re: Protection Workspace showing Data eXchange Layer out of compliance on RHEL 6 ONLY

Jump to solution

Apologies for the late response.  I've been doing a lot of testing for this issue and have found the entire issue has been caused by Network Administrators that made changes to the network that caused port 8883 to be blocked at the ASA level.  Systems on a different network being unable to reach the ePO for DXL is what changed the compliance numbers of course.

Once again, thank you for your help @cdinet 

View solution in original post

Reply
3 Replies
cdinet
Employee
Employee
Report Inappropriate Content
Message 2 of 4
‎05-02-2023 04:58 AM

Re: Protection Workspace showing Data eXchange Layer out of compliance on RHEL 6 ONLY

Jump to solution

What is the version of dxl that is running on the RHEL systems?  I want to verify it was upgraded.  There should also be a dxl log in C:\ProgramData\McAfee\Data_Exchange_Layer folder.  What errors does that show?  Did you also upgrade the dxl broker to latest version?

That being said, RHEL 6.x has note in KB51573

For TA 5.7.9, version glibc 2.17 or later needs to be installed to support DXL client.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Reply
BleachX
Level 10
Report Inappropriate Content
Message 3 of 4
‎05-02-2023 06:19 AM

Re: Protection Workspace showing Data eXchange Layer out of compliance on RHEL 6 ONLY

Jump to solution

Good morning.  The DXL Platform we have is 6.0.3.990.  The DXL Broker version shows 6.0.0.301.  I just noticed through Data Exchange Layer Fabric that all brokers except the ePO are disconnected or showing offline.  However, I know the servers are online.

I show glibc-2.17-326 is installed.  I'll check the DoD patch repository for an update to DXL Broker.  That must be it.

Reply
BleachX
Level 10
Report Inappropriate Content
Message 4 of 4
‎05-04-2023 06:30 AM

Re: Protection Workspace showing Data eXchange Layer out of compliance on RHEL 6 ONLY

Jump to solution

Apologies for the late response.  I've been doing a lot of testing for this issue and have found the entire issue has been caused by Network Administrators that made changes to the network that caused port 8883 to be blocked at the ASA level.  Systems on a different network being unable to reach the ePO for DXL is what changed the compliance numbers of course.

Once again, thank you for your help @cdinet 

Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use our Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from product experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by employees.
Join the Community
Join the Community

TrellixSkyhigh Security | Support Trellix.com SkyhighSecurity.com

Legal Privacy Copyright © 2023 Musarubra US LLC