Clients are unable to access the Agent Handler main repository after installing Update 11
Last Modified: 2021-11-19 14:52:45 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Clients are unable to access the Agent Handler main repository after installing Update 11
Technical Articles ID:
KB95029
Last Modified: 2021-11-19 14:52:45 Etc/GMT Environment
ePolicy Orchestrator (ePO) 5.10 Update 11
Problem
You see the issues below after you install ePO 5.10 Update 11 to an ePO 5.10 server and Agent Handlers:
Where <ah_ip_address> and <port> are the IP address and port of the Agent Handler. At the same time, errors are recorded in server_<hostname>.log on the Agent Handler: MOD_EPOREPO UrlCacheObject.cpp(393): Error connecting to https://<epo_server>:<port>/Software/catalog.z MOD_EPOREPO UrlCacheObject.cpp(484): Failed to download content for https://<epo_server>:<port>/Software/catalog.z, system error 2 Where <epo_server> and <port> are the IP address or FQDN and port of the ePO server. System Change
Applied ePO 5.10 Update 11.
Cause
When clients that communicate through an Agent Handler try to access the main repository, in reality they request the content from the Agent Handler. The Agent Handler then downloads the requested content from the main repository on the ePO server, and serves it to the client. Changes made in ePO 5.10 Update 11 Update 11 strengthens the way ePO makes Transport Layer Security (TLS) connections, by removing support for older TLS protocols and cipher suites. Resulting issue:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 Windows 2012 does not support the Solution
On the Agent Handler, enable the cipher suite provided below.
Affected ProductsLanguages:This article is available in the following languages: |
|