Jump to content

Derlin

Members
  • Posts

    3
  • Joined

  • Last visited

About Derlin

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    USA
  1. This is informative. I look forward to ERA v7 and possibly any updates that honor GPO applied rules in the future. The current context help for the "Also evaluate rules from Windows Firewall" does not explain that ruled defined by GPO will not be evaluated. Could the context help and web help be updated in a future version to clarify this? Neither clearly makes this distinction. For my current situation, are there workarounds I could be missing? The utilities initiate a connection over port 135, and the "Allow incoming RPC communication in the Trusted Zone" is enabled, as are all the default rules. This part works okay. Then, the tools (per Microsoft's description) negotiate a new random port in a given range. This is the part where Endpoint Security blocks the connection without extra rules. Are there additional presets I could use for this?
  2. In particular, I was testing with wmic and systeminfo utilities remotely.
  3. We recently started rolling out Endpoint Security. We were having some trouble running various tools leveraging RPC/WMI with the default rules, even though they worked fine under Windows Firewall. If I manually create rules locally or in the Remote Administration, I can get it to work, but I don't like ERAS since it forces me to lock users out of locally modifying rules if necessary. Since Windows Firewall worked, I tried the option to import the rules. That didn't work either, so I manually recreated Windows Firewall rules matching what was already there. That did work. Finally, I tried adding these rules to our Group Policy for Windows Firewall. These successfully applied, but Endpoint Security fails to read these rules. Can I change ES to read rules enforced by Group Policy, or is it limited to only local rules? The context sensitive help is not clear if this is an actual limitation.
×
×
  • Create New...