McAfee HISCDE-AB-IA Product Guide - Page 136
Appendix B — Troubleshooting, General issues
View all McAfee HISCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 136 highlights
Appendix B - Troubleshooting KnowledgeBase articles on the McAfee Support site http://mcafee.com offer you the most up-to-date support information on issues and troubleshooting. Refer to KB69184 for the latest information. Contents General issues Host IPS logs Clientcontrol.exe utility General issues Which Host Intrusion Prevention services should be installed and running on the client system for proper functioning of the software? These services should always be active to provide intrusion prevention protection with either or both IPS and firewall: • McAfee Host Intrusion Prevention Service (FireSvc.exe) • McAfee Firewall Core Service (mfefire.exe) • McAfee Validation Trust Protection Service (mfevtps.exe) These services should be active when called: • McAfee Host Intrusion Prevention system tray icon service (FireTray.exe). • McAfee Host Intrusion Prevention client console (McAfeeFire.exe) How do I prevent the firewall from blocking non-IP traffic? Unless specifically indicated in a firewall rule, some types of non-IP traffic are not recognized by the firewall and as a result are blocked. Additionally, the adaptive and learn modes do not dynamically detect and create firewall rules for non-IP protocols. To prevent non-IP protocols from being dropped, select Allow traffic for unsupported protocols in the Firewall Options policy. You can then check the Activity Log for Allowed Incoming/Outgoing Non-IP Protocol: 0xXXX, where 0xXXX indicates the IANA Ethernet number of the protocol (see htttp://www.iana.org/assignments/ethernet-numbers). Use this information to determine the non-IP traffic that is needed and create a firewall rule that allows it. 136 McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5