awdl0 and Digital Guardian

easyedc
Valued Contributor II

Our company uses Digital Guardian as its big brother software. If you're not familiar with it, it's very heavy handed and can run just about any "rule" you'd like it to. One rule in particular is that it will block your network access if it detects more than one active NIC available. IE if it determines wifi is on (which turns on the airdrop NIC even if airdrop is disabled).

It's latest release has started triggering network blocks if it detects awdl0 active. I can disable it easily with a script (and @adamcodega even has one written for me to be lazy. However cycling the airport power on/off will just bring it back up. Anyone got any good solutions to truly disable awdl0? I'd hate to brute-force remove it, a) because it's possible a software update will just put it back, and b) what if we allow it in the future?

Thoughts? Brainstorming this one....

Thanks

3 REPLIES 3

roiegat
Contributor III

Which DG version are you guys using? We're currently on 6.2.2 and testing 7.1.2 for migration into El Capitan. Be interested to know which version is having issues with awdl0 since were not having issues with that at this time.

easyedc
Valued Contributor II

That is the scenario we were in as well. Our prod release is a mix of 6.2.3 and 6.2.4 (mostly migrated to 6.2.4) and we have a few workstations moved to OS X 10.11.x and testing the 7.1.2 client. Discovered that our dual homing rule is identifying airdrop as on if the wifi is turned on (which automagically sets awdl0 active). We have strict VPN enforcement, Dual homing, etc. So this is a rule that we have to enforce. GRRRR....

easyedc
Valued Contributor II

@roiegat Been a few months. I wondered if you'd moved further in the the 7.1.2 realm yet. We found a few painful issues with 7.1.2 and persistent through 7.1.3. We're about to start 7.1.4/7.2 testing. Our biggest issue we discovered was that 7.1.2 blocks .dmgs from opening no matter where they came from. Also it has an issue where it really doesn't want to uninstall until you rm -rf any DG directory. 7.1.3 seems to have persisted with the bug about .dmgs.