cancel
Showing results for 
Search instead for 
Did you mean: 
shocko
Level 9
Report Inappropriate Content
Message 1 of 2

HIDS Stability and Flexibility

We are using ePO and VSE 8.8 U13. I'd like to start using the firewall component (HIDS I believe) on our windows 10 1809 estate. How reliable is the HIDS component? Anyone any horror stories on Windows with it? Is it generally stable and easy to configure? 

1 Reply
McAfee Employee Gladiator99
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: HIDS Stability and Flexibility

Thank you for posting your query "HIPS Stability and Flexibility"

Best practices
When you create or customize a firewall rules policy, place the more specific rules at the top of the list, and the more general rules at the bottom. This ensures that Host Intrusion Prevention filters traffic appropriately.

For example, to allow all HTTP requests except from a specific address (for example, IP address 10.10.10.1), you need to create two rules:
• Block Rule — Block HTTP traffic from IP address 10.10.10.1. This rule is more specific.
• Allow Rule — Allow all traffic using the HTTP service. This rule is more general.

You must place the more specific Block Rule higher in the firewall rules list than the more general
Allow Rule. This ensures that when the firewall intercepts the HTTP request from address
10.10.10.1, the first matching rule it finds is the one that blocks this traffic through the firewall.
If you placed the more general Allow Rule higher than the more specific Block Rule, Host
Intrusion Prevention would match all HTTP requests against the Allow Rule before it found the
Block Rule. It would thus allow the traffic, even though you wanted to block the HTTP request
from a specific address.

HIPS 8.0 Patch 12 and later support Windows 10 October 2018 Update - version 1809 (32-bit and 64-bit)

Please refer to the Supported platforms, environments, and operating systems for Host Intrusion Prevention 8.0
https://kc.mcafee.com/corporate/index?page=content&id=KB70778

Please refer to the below KB article for Host Intrusion Prevention 8.0 Patch 13 for Windows known issues
https://kc.mcafee.com/corporate/index?page=content&id=KB91514

Please refer to the below link for the HIPS 8.0 patch 13 release notes
https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/28000/PD28342/en_US/...

Please refer to the below link for the HIPS 8.0 patch 12 release notes
https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/28000/PD28084/en_US/...

Was my reply helpful?
If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Best Regards,
Gladiator99
McAfee Technical Support

Was my reply helpful?
If you find this post useful, Please give it a Kudos! l Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community