Hello Folks:
I've an issue with the process exclusion policy which I created for endpoints. My SEPM is 12.1.3 & few of my clients are running on 12.1.1 & 11.x version. The issue is with the older version clients where this policy is not working. Any suggestions ?
Does new policy are received ?
Check both SEP and SEPM policy are same.
Please check that older client's machine's are communicating with new sepm or not.
All older client's should be online with new SEPM
clients communicating with SEPM? do u see the green do on them?
The clients are ommunicating to SEPM and the policy versions are same. In most of the cases if I reinstall the clients with 12.1.3 the problem is getting fixed.
12.1 can manage all previous versions of 12.1
You may want to ring up support to see this was a bug and fixed in a later release
Support says that I need to upgrade to 12.1.3 for fixing the issue and as a workarround I need to set tamper protection to log only.
I guess it won't hurt to try it on one affected client. Best practice calls for both clients and SEPM to be on the same version so it's best if you can do that.
I don't understand why tamper protection would play a role in this though.
BEcause the exclusion process is being flagged by tamper protection.
Well that seems counter productive...especially when it breaks it's own process. A bug I assume?