Endpoint Security Firewall is enabled after installation even though it is disabled in the Options policy
Last Modified: 2023-01-31 21:29:38 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Endpoint Security Firewall is enabled after installation even though it is disabled in the Options policy
Technical Articles ID:
KB88713
Last Modified: 2023-01-31 21:29:38 Etc/GMT Environment
Endpoint Security Firewall 10.x
Problem
Endpoint Security Firewall is enabled after installation even though it is disabled in the Options policy. This action might cause network interruption until policy enforcement occurs.
Cause
Endpoint Security Firewall is enabled by default whether it is installed locally or through ePolicy Orchestrator. If ePolicy Orchestrator manages the firewall, the local hard-coded policies are enforced until an agent policy enforcement occurs. The time between a successful installation and an agent policy enforcement can vary, which can cause network issues in an environment, especially if no firewall existed previously.
Solution
This behavior is as designed and expected.
Affected ProductsLanguages:This article is available in the following languages: |
|