Jump to content
esheldon

Correct way of making changes to MBAM policy

Recommended Posts

Sorry if this is an easy question, but we rolled out MBAM & MBAE about a year ago and have decided to make some changes with how it's setup, as well as add some directories to exclude due to new software in our infrastructure.  How do I go about pushing those changes down to the clients already installed?

Share this post


Link to post
Share on other sites

Greetings,

As I understand it, once you make the changes, as soon as the clients check in with the management system it should pull down and apply the new policies automatically and the endpoints check in on a regular basis according to a pre-programmed heartbeat/interval, so it should happen pretty soon once each client comes online and checks in, however if you have a test endpoint on your network that you can monitor, that might prove useful in determining how long it takes to apply the changes (just be sure to close/reopen the main UI to check for the changes pretty frequently, as I don't believe the UI will update automatically what is shown onscreen once the new settings are picked up even once the new policies become active so you'll have to close/reopen the main UI to see them visibly).  You might also be able to monitor the logs for the changes being applied, depending on what details they show (I'm not too familiar with the business product's logging structure so I don't know for certain whether the endpoints log changes to exclusions or not).

Share this post


Link to post
Share on other sites

This product is showing me that it's less and less of an enterprise solution.  I have checked DNS/DHCP/AD/etc, and everything shows fine.  I can ping my computer from the server fine (of which I have myself set as a static ip for the past few years).  I have rebooted the MBAM server.  I have updated the console to the latest version.  Yet, the MBAM software can't see my computer.  Showing network path not found.  

Share this post


Link to post
Share on other sites

@djacobson can you help us out please?

I've notified a member of the Malwarebytes Business Support team.  He should be able to enlighten us as to any known issues and possible solutions and workarounds and/or provide guidance on troubleshooting the problem.

Share this post


Link to post
Share on other sites

Hi guys, changes to the policies within MBMC will be picked up by the clients themselves once they check into the management server. The version number of the policy will iterate, and in your client view, machines which need to check-in to receive the policy change will be highlighted in yellow. Once the highlight goes away, those machine have accepted the new policy and reported back.

Share this post


Link to post
Share on other sites

Exactly what I needed to know.  Still...the admin side of the product doesn't seem ready for Enterprise level.  Maybe 20-30 ee's, but not over a hundred like we have.  Either way, thanks so much for letting me know that piece, because that truly helps!

Share this post


Link to post
Share on other sites

@esheldon do you happen to have any suggestions as to how Malwarebytes could improve their implementation to better suit your needs, requirements and expectations?  I ask because a huge driver for the decisions they make and features they choose to develop and implement is direct feedback from customers/users, so if you have any good ideas as to how they might make their product better, there's a good chance you may see it implemented in a future release.

Obviously you don't have to answer if you do not wish to, however it could be a good opportunity for you to provide valuable feedback which you and others may end up benefiting from in the future.

Share this post


Link to post
Share on other sites

MBMC can support in excess of 20k seats. It all depends on your SQL config.

There are other limitations with the product that can be impactful to enterprise setups, that's detailed here - 

 

Here is a matrix to help you design good policies for your endpoints based on their OS and role.

596797028_policymatrixMBESMBAMMBAE.JPG.822440a192dd409dfd6c825a67b00d00.JPG

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.