Working with Host Intrusion Prevention Clients
Overview of the Solaris client
Select...
Filter Options - Intrusions
NOTE:
You can enable and disable logging for the firewall traffic, but not for the IPS feature.
However, you can choose to hide these events in the log by filtering them out.
3
Do any of the following to change the display:
To...
Refresh the display
Permanently delete the contents of the log
Save the contents of the log and delete the list
from the tab
Apply changes immediately
Overview of the Solaris client
The Host Intrusion Prevention Solaris client identifies and prevents potentially harmful attempts
to compromise a Solaris server's files and applications. It protects the server's operating system
along with Apache and Sun web servers, with an emphasis on preventing buffer overflow attacks.
Policy enforcement with the Solaris client
Not all policies that protect a Windows client are available for the Solaris client. In brief, Host
Intrusion Prevention protects the host server from harmful attacks but does not offer firewall
protection. The valid policies are listed here.
Table 20: Solaris client policies
Policy
Host Intrusion Prevention 8.0 IPS
IPS Options
IPS Protection
IPS Rules
Host Intrusion Prevention 8.0 General
Client UI
Trusted Networks
94
McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5
To do this...
Filter the data to display intrusions.
Do this...
Click Refresh.
Click Clear.
Click Export. In the dialog box that appears, name and
save the .txt file.
Click Apply. If you do not click this button after making
changes, a dialog box appears asking you to save the
changes.
Available options
•
Enable HIPS
•
Enable Adaptive Mode
•
Retain existing Client Rules
All
•
Exception Rules
•
Signatures (default and custom HIPS rules only)
NOTE:
NIPS signatures and Application Protection Rules
are not available.
None except administrative or time-based password to
allow use of the troubleshooting tool.
None