But with respect to memory protection, both VSE & Solidcore provides the same functionality right? Both provides same full features?
there are big differences between the products and the security level, memory protection is not memory protection.
- VSE uses Access Protection and Buffer Overflow Protection. VSE Buffer Overflow Protection signatures includes only a limited amount of detections.
- HIPS uses generic buffer overflow protection. Which includes much more functionality und detections (Kernel-mode protection).
Therefore, VSE Buffer Overflow protection is disabled automatically if HIPS is also installed on endpoint.
Actualy, from my side it is not absolutely clear if MAC memory protection or HIPS delivers more security. I think, actually, it is a settings how HIPS and MAC can coexist on an endpoint and where MAC memory protection feature is not struggling the HIPS memory features.
MAC and HIPS memory protection provide the same level of protection. MAC's memory protection capabilities are completely signature agnostic - which also means that the event reporting is also very generic(aka does not have signature specific information).
HIPS reporting on the other hand has this advantage and also gives a method to provide admins a way to define signatures.
So depending on the environment(Connected vs isolated), one over another could be chosen.
But enabling one of them is sufficient.