For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

cymru81's avatar
cymru81
Icon for Altocumulus rankAltocumulus
Dec 06, 2013

APM+Firewall

Hi, this could be too open a question to answer....

 

We use McAfee HIPS on our laptops as a firewall, we are finding that it is blocking lots of features that the big ip edge client seems to need to connect successfully (resulting in users sporadically being unable to logon). Is there a definite list or document of what we need to allow for big ip edge client to work? thanks!

 

BIG-IP Access Policy Manager (APM)
security

9 Replies

  • Thomas_Gobet's avatar
    Thomas_Gobet
    Icon for Nimbostratus rankNimbostratus
    Dec 06, 2013

    Hi,

     

    On your APM, are you doing some client-side checks ? (Control which antivirus installed and so on...)

     

    Do you have the login page when you try to connect you to your APM portal ?

     

  • cymru81's avatar
    cymru81
    Icon for Altocumulus rankAltocumulus
    Dec 06, 2013

    Hi, the only check we do is for the prescence of a reg key that does exist on the machines effected. Yes we also have a login page too...

     

  • Thomas_Gobet's avatar
    Thomas_Gobet
    Icon for Nimbostratus rankNimbostratus
    Dec 06, 2013

    Did you ever be connected with this computer to your APM ?

     

    Because when you do client-side checks, you need to install a plugin except if you have "Component Installer Package for Windows" installed.

     

    If never connected to APM before, there's 2 cases :

     

    • "Component Installer Package for Windows" not installed : You have connect you with a user with privileges to install it.

       

    • "Component Installer Package for Windows" installed : Check where it's blocking access. Before or after client-side checks ?

       

  • cymru81's avatar
    cymru81
    Icon for Altocumulus rankAltocumulus
    Dec 06, 2013

    yes this has worked in the past, they aslso have the component installer installed.

     

    HIPS just appears to be blocking stuff sporadically!

     

  • Thomas_Gobet's avatar
    Thomas_Gobet
    Icon for Nimbostratus rankNimbostratus
    Dec 06, 2013

    I'm going to search for it, don't have any informations on it yet...

     

    If somebody read this, he'll be welcome to give us those informations.

     

  • Matt_Dierick's avatar
    Matt_Dierick
    Icon for Employee rankEmployee
    Dec 06, 2013

    Hi, HIPS can lock some ports. We have already seen this issue. Can you have a look in the Edge Client logs ?

     

    I advise you to open a support case so that we can help you to investigate. I think you need to add F5 components in the HIPS whitelist.

     

  • cymru81's avatar
    cymru81
    Icon for Altocumulus rankAltocumulus
    Dec 06, 2013

    thanks, i will open a call. do you know how to whietlist f5 components or what the components needed are?

     

  • boneyard's avatar
    boneyard
    Icon for MVP rankMVP
    Dec 06, 2013

    who manages your mcafee HIPS? cant you ask there how to whitelist? the components you can find out in your taskmanager. you can also just check the f5 edge client install dir.