McAfee HISCDE-AB-IA Product Guide - Page 7
Introducing Host Intrusion Prevention, Host IPS protection
View all McAfee HISCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 7 highlights
Introducing Host Intrusion Prevention McAfee® Host Intrusion Prevention is a host-based intrusion detection and prevention system that protects system resources and applications from external and internal attacks. It provides a manageable and scalable intrusion prevention solution for workstations, notebooks, and critical servers, including web and database servers. Its patented technology blocks zero-day and known attacks. Host Intrusion Prevention (sometimes abbreviated in the product as Host IPS or HIP) can protect information and prevent the compromising of system and network resources and applications that store and deliver information. It accomplishes this with an end-point firewall feature and an intrusion prevention system (IPS) feature. The IPS feature has monthly content updates, which reduces the urgency of patches for new threats. The Host Intrusion Prevention firewall feature is purchased separately or in combination with the Host Intrusion Prevention IPS feature. Host Intrusion Prevention is fully integrated with ePolicy Orchestrator and uses its framework to deliver and enforce policies. This approach provides a single management solution that allows for mass deployment of up to 100,000 systems in multiple languages across an entire enterprise for true global coverage. Contents Host IPS protection Host IPS policies Host IPS policy management Host IPS policy tracking and tuning Host IPS protection After all the required components for Host Intrusion Prevention are installed and communicating, you are ready to apply protection, monitor events, and update policies and content as needed. Basic protection Host Intrusion Prevention ships with a set of default settings that provide basic protection for your environment. These settings include: • For IPS protection: • High severity signatures are prevented and all other signatures are ignored • McAfee applications are listed as trusted applications for all rules except IPS self-protection rules • Predefined applications and processes are protected • For firewall protection: McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5 7