
If all the machines are online, the updates would take place within 1-2 heartbeats.

The update period depends on each endpoint. For large-scale environments, this looks like a flood of policy updates, and the end result will be better performance on each of the Endpoints.

These policy changes are not reflected in the audit log, as it is technically a change to the exclusion list, not the policy itself, and Cisco-maintained exclusion lists do not exist within the normal audit log on individual consoles. As each of the Endpoints that use that list checks in on its heartbeat, it pulls the updated policy. When the Cisco-Maintained lists are changed, a policy update occurs on the backend to reflect that change.

If your network is live, ensure that you understand the potential impact of any command. All of the devices used in this document started with a cleared (default) configuration. The information in this document was created from the devices in a specific lab environment.

The information in this document is based on these software and hardware versions:

Prerequisites

Requirements

Cisco recommends that you have knowledge of these topics:

This document describes the changes added to the Cisco-Maintained Exclusions.

Cisco-Maintained Exclusions are created and maintained by Cisco to provide better compatibility between the Advanced Malware Protection (AMP) for Endpoints Connector and antivirus, security or other software. These exclusions can be added to new versions of an application.
