04-01-2022 09:49 PM
Hi,
I'm an enduser of Cortex XDR. Recently my workstation was migrated from an Intel MacBook Pro to a M1. During the migration process, both workstations were on macOS Monterey 12.3.1.
I've discovered on the M1 that with the Cortex XDR network filter present in Network, I cannot have more than one network service active. Examples:
I do not see this behaviour on my previous Intel workstation. This behaviour goes away if I remove the Cortex XDR network filter, although it adds itself back and I get a persistent prompt to allow it to filter network activity.
I would like a way to report this issue to support but cannot use the support portal. Please advise on alternate ways to report this issue. Thanks
04-14-2022 05:53 PM
Hi Everyone, an update to what @bbarmanroy said.
This indeed appears to be a known issue caused due to Apple's framework bug found in MacOS systems 10.15 and later.
Since the bug is in Apple's framework, the issue can only be fixed by Apple but we have a workaround for Cortex XDR. Agent versions 7.7 and later with Content Version 450 and later should be able to mitigate these issues.
Nevertheless, if this does not resolve the issue, please open a support ticket for a thorough analysis of the issue.
04-03-2022 09:13 PM
Definitely support is the way to go so it can be track for investigation and enhancement if possible.
Unfortunately, you need to have a standard support account, please reach out to your account super user/admin so you can be added to the account.
04-07-2022 11:01 PM
This appears to be a known issue for certain Mac OSX endpoints and the issue seems to be a bug in OSX. Once you raise a support ticket, you should receive a support exception for OSX profiles. Your XDR administrator should apply that to the corresponding Mac OSX exceptions security profile for it to solve the issue on a tactical standpoint.
04-14-2022 05:53 PM
Hi Everyone, an update to what @bbarmanroy said.
This indeed appears to be a known issue caused due to Apple's framework bug found in MacOS systems 10.15 and later.
Since the bug is in Apple's framework, the issue can only be fixed by Apple but we have a workaround for Cortex XDR. Agent versions 7.7 and later with Content Version 450 and later should be able to mitigate these issues.
Nevertheless, if this does not resolve the issue, please open a support ticket for a thorough analysis of the issue.
04-19-2022 11:38 AM
Thanks for this update! I can now confirm the issue has been resolved.
04-19-2022 11:48 AM
Happy to help! 🙂
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
