McAfee HISCDE-AB-IA Product Guide - Page 85
Setting options for IPS logging, Disabling Host IPS engines, Help | Troubleshooting, Disabled
View all McAfee HISCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 85 highlights
Working with Host Intrusion Prevention Clients Overview of the Windows client Setting options for IPS logging As part of troubleshooting you can create IPS activity logs that can be analyzed on the system or sent to McAfee support to help resolve problems. Use this task to enable IPS logging. Task 1 In the Host IPS console, select Help | Troubleshooting. 2 Select the IPS message type: • Debug • Disabled • Error • Information • Warning If the message type is set to Disabled, no message is logged. 3 Click OK. The information is written to HipShield.log at C:\Documents and Settings\All Users\Application Data\McAfee\Host Intrusion Prevention; on Windows Vista and late at C:\Program Data\McAfee\Host Intrusion Prevention\. Settings options for Firewall logging As part of troubleshooting you can create firewall activity logs that can be analyzed on the system or sent to McAfee support to help resolve problems. Use this task to enable Firewall logging. Task 1 In the Host IPS console, select Help | Troubleshooting. 2 Select the Firewall message type: • Debug • Disabled • Error • Information • Warning If the message type is set to Disabled, no message is logged. 3 Click OK. The information is written to FireSvc.log at C:\Documents and Settings\All Users\Application Data\McAfee\Host Intrusion Prevention\; on Windows Vista and later at C:\Program Data\McAfee\Host Intrusion Prevention\. After the file reaches 100 MB, a new file is created. Disabling Host IPS engines As part of troubleshooting, you can also disable class engines that protect a client. McAfee recommends that only administrators communicating with McAfee support use this troubleshooting procedure. For a better understanding of what each class protects, see the section onWriting Custom Signatures. McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5 85