Drive Encryption takes two ASCI intervals to activate a client
Last Modified: 2024-01-06 09:57:53 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Drive Encryption takes two ASCI intervals to activate a client
Technical Articles ID:
KB85918
Last Modified: 2024-01-06 09:57:53 Etc/GMT EnvironmentDrive Encryption (DE) 7.1.x
For details of DE 7.1.x supported environments, see KB79422 - Supported platforms for Drive Encryption 7.x. ProblemWhen trying to activate and encrypt a DE client, it takes twice as much time to activate the DE client as the Agent Server Communication Interval (ASCI) shows in the McAfee Agent (MA) policy.
When the Active Local Domain User event is generated and processed into the ePolicy Orchestator (ePO) database, the Tomcat service generates an agent wakeup call and fails. CauseA firewall rule is in place that's blocking Port 8081. This port is used in the environment for MA wakeup calls.
SolutionIf you're using the default Port 8081, you need to open the port outbound to the client running DE.
If the firewall opens ports by service, the To view the ports needed by ePO 4.x and 5.x for communication through a firewall, see KB66797 - ePolicy Orchestrator port requirements for firewall traffic. WorkaroundTo activate the client in an acceptable amount of time without opening Port 8081 on the firewall, you'll need to manually perform the ASCI process.
After the PreBoot File System has been created and the key is sent to the ePO server, the client will activate and encrypt.
Affected ProductsLanguages:This article is available in the following languages: |
|