AltocumulusHi, this could be too open a question to answer....
We use McAfee HIPS on our laptops as a firewall, we are finding that it is blocking lots of features that the big ip edge client seems to need to connect successfully (resulting in users sporadically being unable to logon). Is there a definite list or document of what we need to allow for big ip edge client to work? thanks!
NimbostratusHi,
On your APM, are you doing some client-side checks ? (Control which antivirus installed and so on...)
Do you have the login page when you try to connect you to your APM portal ?
AltocumulusHi, the only check we do is for the prescence of a reg key that does exist on the machines effected. Yes we also have a login page too...
NimbostratusDid you ever be connected with this computer to your APM ?
Because when you do client-side checks, you need to install a plugin except if you have "Component Installer Package for Windows" installed.
If never connected to APM before, there's 2 cases :
"Component Installer Package for Windows" not installed : You have connect you with a user with privileges to install it.
"Component Installer Package for Windows" installed : Check where it's blocking access. Before or after client-side checks ?
Altocumulusyes this has worked in the past, they aslso have the component installer installed.
HIPS just appears to be blocking stuff sporadically!
NimbostratusI'm going to search for it, don't have any informations on it yet...
If somebody read this, he'll be welcome to give us those informations.
Altocumulusgreat, thank you!
EmployeeHi, HIPS can lock some ports. We have already seen this issue. Can you have a look in the Edge Client logs ?
I advise you to open a support case so that we can help you to investigate. I think you need to add F5 components in the HIPS whitelist.
Altocumulusthanks, i will open a call. do you know how to whietlist f5 components or what the components needed are?
MVPwho manages your mcafee HIPS? cant you ask there how to whitelist? the components you can find out in your taskmanager. you can also just check the f5 edge client install dir.