Wonder if anyone else seen this issue. We've just began a test rollout of HIPS to our clients. What we've discovered is that after the install machines would start locking up, at least once every couple of hours. Yes, we are doing a reboot after the install. Turning off IPS portion resolved the issue even though the IPS was running in log high alerts and ignore all else. We did have a few users that were working just fine though. We traced the difference to those users having Windows XP service pack 3 installed. So with SP3 installed we could turn on the IPS portion and it would work just fine. Any ideas? Thx
To answer your question. HIPS product was never upgraded. All of our installs were done with HIPS 7 integrated with Patch2. So machines that have Windows Service Pack 2 are crashing and the machines having XP Service Pack 3 are working fine. I have the debug logging enabled so hopefully it's just a signature that needs to be turned off.
Thanks for your reply. We've finally narrowed down the problem to a conflict between McAfee HIPS 7 and Citrix EdgeSight 4.5. Apparently EdgeSight is not compatible with it. We've temporarily removed winlogon.exe from the list of protected applications which resolved our problem, until either McAfee or Citrix release a fix for it.