Table of Contents
Advertisement
Appendix B — Troubleshooting
General issues
7
Do one of the following:
• If the problem recurs, note whether the problem is associated with the IPS component
but not the specific engines. Review hipshield.log to see if the IPS component is the
problem.
• If the problem does not recur, the issue might be associated with a specific engine.
Continue to the next step, Test Each IPS Engine .
Test each IPS engine
1
Click Help and select Troubleshooting.
2
Select Error reporting under IPS logging.
3
Select Log security violations.
4
Click Functionality.
5
Select the engines, one at a time, and retest.
6
Save a copy of the hipshield log for each test and label with the name of the engine tested,
for reporting to support.
7
When testing is complete, enable all the engines to continue to the next step.
Test IPS Adaptive Mode
1
Click the Activity Log tab and clear the log.
2
Click the IPS Policy tab and select Enable Adaptive Mode.
3
Test the system to determine if the problem recurs.
4
Do one of the following:
• If the problem recurs, deselect Enable Adaptive Mode and retest to see if the problem
is resolved. If it is, Host IPS in Adaptive Mode can potentially be associated with the
issue. Save a copy of the Activity log and name it Host IPS Adaptive Activity Log
wProb, for reporting to support.
• If the problem does not recur, deselect Enable Host IPS and continue to the next
step.
Test Network IPS
1
Click the Activity Log tab and clear the log.
2
Click the IPS Policy tab and select Enable Network IPS.
3
Test the system to determine if the problem recurs.
4
Do one of the following:
• If the problem recurs, deselect Enable Network IPS and retest to see if the problem
is resolved. If it is, Network IPS can potentially be associated with the issue. Save a
copy of the Activity log and name it Network IPS Activity Log wProb, for reporting
to support.
• If the problem does not recur, select Enable Network IPS and continue to the next
step.
Test Automatic Blocking of Network IPS
1
Click the Activity Log tab and clear the log.
2
Click the IPS Policy tab and select Enable Network IPS.
3
Click the Automatically Block Attackers checkbox.
4
Test the system to determine if the problem recurs. If it does:
McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5
139
Advertisement
Table of Contents
Troubleshooting
Related Manuals for McAfee HISCDE-AB-IA - Host Intrusion Prevention
Related Products for McAfee HISCDE-AB-IA - Host Intrusion Prevention
- McAfee Agent 4.0
- MCAFEE AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009
- MCAFEE ANTI-THEFT FILE PROTECTION
- McAfee AVDCDE-AA-AA - Active Virus Defense Suite
- McAfee AVDCDE-BA-CA - Active Virus Defense Suite
- McAfee AVM85M - VirusScan For Mac
- McAfee Data Loss Prevention 9.2.1
- McAfee DFFCDE-AA-DA - Endpoint Encryption For Files