Vidéos d'aide de Screencast

Firewall status: "disabled" or "disabled by policy"... strange behaviour

Created: 12 Décembre 2012 • Updated: 12 Décembre 2012 | 9 comments
l'image des diabolicus23

SEP 12.1 RU2.

I've one group where I've withdrawn the firewall policy (component installed but policy withdrawn).

I don't understand why I see, in that group, some clients with the firewall status reported as "disabled by policy" and others reported as "disabled".

All those client rebooted after the installation, they have the correct (and the same) policy serial number, same OS type, they had not SEP before so no old communication settings and so on... simply I don't understand.

Any idea?

Thanks!

Commentaires CommentairesAccéder au dernier commentaire

l'image des diabolicus23

Hi Ashish and thanks for the link.
Even if the problem reported there is, potentially, a big issue I don't realize why different behaviour for my clients.

I could understand both of them with firewall disabled or enabled for some reason, but different result...? This is my question mark.

Thanks

l'image des Ajit Jha

Its seems to me like its not Reporting properly,as two kind of Status for a Single Group with same prolicy. You should update the policy once again and check.

Regard's

Ajit Jha

Technical Consultant

ASC & STS

l'image des diabolicus23

You mean, the policy update check performed by the clients at their heartbeat interval? Already passed.

If you mean directly from the clients... I surely hope this is not necessary 'cause I can't do that (future vision) on all "strange" clients.

l'image des Brɨan

Are all clients on the same version of SEP?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

l'image des diabolicus23

Absolutely yes.

Not only. They're deployed using the same exported setup.

l'image des Brɨan

Is it possible that on one of the clients someone right clicked the SEP icon and selected "Disable SEP"?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

l'image des Rafeeq

Found it.

If right click on client in SEPM and select disable NTP it will say disable by Policy.

However if you withdraw the policy / disable from client it will just say "Disabled"

l'image des diabolicus23

I didn't send the command via console and the user did not disable it via client gui (I control both manager and clients in this phase).

I cannot solve the problem itself so I've avoided it.

I've reintroduced the firewall policy to the group with a top rule saying "allow-any-any".
The firewall is now reported as "enabled" for every client.

Not a solution, I know, but at least a uniform behavior.