This is starting to be a hassle to configure these CIS clients.
- I am having issues with pushing a config and appending to safe list. When I push a config first the append to safe list does not apply to the CIS. If I apply the append safe list first it applies. After a few minutes the Safe List is gone. This is a problem...
- If a request comes up of something wanting access to something I should be able to click on that request and add it to the safe list to the config so I can then push that to all clients. It is too much of a pain to have to track that application to the source and figure out where it is located on the drive and add it to a list to push.
will be improved in the next version.
- The safe list doesn't always work. I have added C:\Program Files\*Application Folder*\* and still get request in the CESM to allow or deny something out of that folder. This also goes for Trusted Vendors. I should not see request to allow or deny a application from IBM or HP.
CIS send request if safe file tries to start unsafe application or application from unknown vendor.
If app1 is in the safe file list and app1 is not in the safe file list or is not sighed, request appear.
So both should be in the safe file list/signed to remove request and CIS should be in safe mode.
- Any word on the update CIS without having to uninstall and re-install?
CIS update works but remote workstation should be logged on.
Then apply action: Update base/binaries.
- I will have to agree with the other poster about the balloon messages. They do get pretty intense. The only time a balloon message should pop up is if there is a approval pending or a virus has been found. They don't need to see balloon messages for Defense+ learning or definitions updating.
Partially agree with you.
At this point I don't trust CESM and CIS for Defense+ or Firewall. The only thing that seems to work OK without cause big problems is the A/V.
F+ and D+ works fine, you simply have to understand its logic.