Intel Security SNS ProTip for Host IPS: Using IPS Signatures to Prevent the Spread of Malware

Version 1

    Using custom IPS signatures, you can help prevent the spread of malware by creating rules to prevent file operations (create, write, execution, read, etc.) of malware. There are two Subrule types that can accomplish this, one using the FILES engine and the other using the PROGRAM engine.


    To learn more about these and how to create custom IPS signatures, see the following resources:


    For more resources, visit the ServicePortal ( and search for related content. Also, visit the McAfee Host IPS Community:


      McAfee SNS ProTips help you maximize your protection with troubleshooting, best practices, how-to tips, and links to Knowledge Center resources. To unsubscribe from ProTips or change your SNS settings, visit the SNS Subscription Center: