Driver failed to load new policy: Error adding sigflags when applying a policy to a Data Center Security (DCS) 6.6 and higher Agent

This policy also applies successfully to previous version of the DCS/CSP (Critical System Protection) agent.

Driver failed to load new policy: Error adding sigflags

DCS All Versions
CSP All Versions

In DCS 6.6 and higher we added Signature Validation, when invalid signatures exist in the policy the policy will fail to apply to a DCS 6.6 and higher Agent and will give the error stating Error adding sigflags.

This same policy will apply to previous version of the DCS/CSP agent because there is no Signature validation.

You must remove all invalid signature entries from the policy and apply to the agent again.

At the time this article is written, the only valid signature entries when manually editing policies are available from the drop-down.

The signature flags available from the drop-down are:

• Microsoft OS Component
• Microsoft Signed
• Symantec Signed
• Signed and Trusted
• Unsigned
• Invalid Signature
• Service Process
• Interactive Process

If the policy has lists that are populated by importing a CSV file(s) which includes signatures, you must use the EFA Choice Name and not the Display Name.

The EFA Choice Name uses a format of "efa_signature_choise_XXXXX".

Here are the EFA Choice Names for the flags available from the drop-down when modifying a policy:

• efa_signature_choice_oscomponent
• efa_signature_choice_microsoftsigned
• efa_signature_choice_symantecsigned
• efa_signature_choice_wellknowntrustedroot
• efa_signature_choice_unsigned
• efa_signature_choice_invalidsignature
• efa_signature_choice_service_process
• efa_signature_choice_interactive_process