Overview

A protection policy has been configured and the agent has been deployed to the client machines but users still have full access to all devices and nothing is blocked.

Environment

• EndPointSecurity
• All Supported Environments
  
  

Root Cause

This issue can occur for several reasons, please check the resolution section below.

Resolution

Solution #1

1. Check if the client machines were created from an image that had the EndPointSecurity agent already installed.
2. This is not supported and to resolve the issue, uninstall all agents via the console and deploy the agents once again.
   
   

Solution #2

• Verify that the agent is not running in freeware mode, as this means that only monitoring is possible but no devices are controlled.
• Agent licensing works independently of the server, and when evaluating EndPointSecurity the console might display that the there are still a number of days left until it expires.
• However, if the agent was previously running on a client machine, the evaluation period still expires and running in freeware mode.
• To verify if the agent is running in freeware mode, open the agent log file and search for the following:

 

"info   ","AgentEsecService","  freeware mode license."

and further down:

 

"info   ","DevicesController"," policy guid: 70600f38-caaa-43fd-b2b0-89158bc11cd0"

"info   ","DevicesController"," read controlled categories:"

"info   ","DevicesController","  enabled categories: 0,1,2,3,4,5,6,7,9,"

"info   ","DevicesController"," read controlled ports:"

"info   ","DevicesController","  enabled ports: 0,1,2,3,4,5,6,7,"

"info   ","DevicesController"," Set Freeware Mode."