Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

How to apply config list manually on an endpoint to refresh policy rules

How to apply config list manually on an endpoint to refresh policy rules

Version

All (Windows only)

Topic

This document describes how to apply config list manually on an endpoint to refresh policy rules.

Steps

Option 1 (only for connected endpoints)

  1. On the Bit9 console, go to Assets > Computers
  2. Click the machine’s name to view the details page
  3. Click on Other Action > select Resend All Policy Rules > click Go
    1. For version 6, click on Show Advanced Options > on Action, select Resend All Policy Rules > click Go

Option 2 (only for connected endpoints)

  1. On the endpoint, open a command prompt and run the following commands from %Program Files%\Bit9\Parity agent directory:
    1. dascli password {CLI password here}
    2. dascli refreshconfiglist

Option 1 and 2 will flush the CL version on the connected agent to 0 and will start downloading the CL again from the server ‘til it’s up to date. It’s best to do this when the machine is not in use to avoid unnecessary blocks while the rules are being updated

Option 3

  1. Copy the configlist.xml from the Bit9 server (%Program Files%\Bit9\Parity server\hostpkg\configlist.xml) and save it on the endpoint’s temp directory like C:\Temp
  2. On the endpoint, open a command prompt and run the following commands from %Program Files%\Bit9\Parity agent directory:
    1. dascli password {CLI password here}
    2. dascli importconfiglist {path}\configlist.xml now

Option 4

  1. Copy the configlist.xml from the Bit9 server (%Program Files%\Bit9\Parity server\hostpkg\configlist.xml)
  2. On the endpoint, open a command prompt and run the following commands from %Program Files%\Bit9\Parity agent directory (skip this step if you are on Safe Mode and proceed on step #3):
    1. dascli password {CLI password here}
    2. dascli tamperprotect 0
  3. Paste the file on the endpoint’s Programdata\Bit9\Parity Agent folder and rename configlistfull.bt9
    1. For XP or Windows 2003, place the file in Documents and Settings\All Users\Application Data\Bit9\Parity Agent
  4. Restart the Parity Agent service
  5. On the command prompt, run “dascli status” to verify that the tamper protect has been re-enabled. If it’s not, run the following commands from %Program Files%\Bit9\Parity agent directory to re-enable it (only needed if you turned off tamper protect using step 2 instead of going to Safe Mode):
    1. dascli password {CLI password here}
    2. dascli tamperprotect 1
Labels (1)
Was this article helpful? Yes No
100% helpful (3/3)
Article Information
Author:
Creation Date:
‎03-11-2015
Views:
3144
Contributors