08-25-2020 02:07 AM
The McAfee License Key on one of my devices run out. Anyway, my SMA device still recognizes the status of "McAfee" as "Enabled" although having the information that the license is expired.
How can I manually disable McAfee (or remove the license key of McAfee?) in order to change the status to "Disabled" on the WSA?
On the WSA, when I go to "Security Services > Anti-Malware and Reputation > Edit Global Settings", I get the following text: "Feature Key for McAfee has expired or is unavailable. For information on enabling this feature with a new key, contact your Cisco sales representative." Is there a checkbox or something like this?
Background (this is the reason why this bothers me):
I'm not able to push configurations via my SMA device with following error "The Anti-Malware settings must match to successfully publish." Or is this error related to something else?
08-25-2020 02:55 AM
If you are managing WSA with SMA
follow below steps to remove :
Web --> utilities--> edit display settings
remove "McAfee Anti-Malware"
Try publish.
08-25-2020 04:13 AM
THanks for your reply.
I already disabled this option as you can see in my screenshot (Is service Displayed on Management Appliance?: No).
But how to disable it on the WSA (Web Appliance Service: Enabled)?.
This is the reason why the text is coloured in red on the screenshot.
08-25-2020 05:10 AM
I have done the same option which i have suggested, it works on 11.X version (not sure what is the version, and should work for you also)
Can you post both the screenshot SMA and WSA in related to McAfeee ( are you using Sophos ?).
same thread may help also :
08-25-2020 05:36 AM
This is exactly my problem. The status of McAfee on the WSA does not match the status of the management device's configuration master, as shown in the first screenshot.
The solution in the other discussion you have posted @balaji.bandi simply says:
"Enable or disable the feature [McAfee] on the Web Security Appliance. Some changes may impact multiple features. See the information about the relevant feature in the Cisco IronPort AsyncOS for Web Security User Guide."
But I don't now how to disable the McAfee feature on a WSA with an expired key? I'm running AsynOS 11.8.
Some Screenshots of my configuration. Is there any other menu with settings regarding McAfee?
08-25-2020 06:16 AM
08-25-2020 06:24 AM
Another option i can think of to see if the McAfee enabled was
SMA--Configurationmaster--> outbound marlaware scanning ( check anti-malware Filter section, is that enabled ?)
same check on WSA - WebSecurity Manager - outbound marlaware scanning ( check anti-malware Filter section, is that enabled ?)
check also Global policy any where enabled ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide