cancel
Showing results for 
Search instead for 
Did you mean: 

HIPS 7.0 exporting rules?

Jump to solution

I have tested this HIPS 7.0 client on Windows XP Professional. I would like to export rules i have tested and use these rules as default in all machines. How can i export firewall rules from HIPS 7 client?

1 Solution

Accepted Solutions
sudeepg
Level 10
Report Inappropriate Content
Message 6 of 7

Re: HIPS 7.0 exporting rules?

Jump to solution

Check under Reporting->Host IPS-> IPS Client rules or F/W Client Rules or Application Blocking Client rules

Make sure you selcet the correct group.

For ePO 4.5: Menu->Reporting->Host IPS->IPS Client rules or F/W Client Rules or Application Blocking Client  rules

6 Replies

Re: HIPS 7.0 exporting rules?

Jump to solution

Hi Kos_McAfee,

Where to find policies


ePolicy Orchestrator provides two locations to view and manage Host Intrusion Prevention
policies:
• Systems | System Tree | Policies tab of a selected group in the System Tree
• Systems | Policy Catalog


Policies tab


Use the Policies tab to view the policies of a particular feature of the product, view details of
the policy, view inheritence information, edit policy assignment, and edit custom policies or
create a new policy relating to a selected group or system.

Policy Catalog


Use the Policy Catalog to create policies, view and edit policy information, view where a policy
is assigned, view the settings and owner of a policy, and view assignments where policy
enforcement is disabled.


To... Do this...
Create a policy Click New Policy, name it, and edit the settings.
Edit a policy Click Edit (only available for My Default or custom policies).
View a policy Click View (only available for McAfee Default or preconfigured policies).
Click Rename and change the name of the policy (not available for default or preconfigured policies).
Rename a policy
Duplicate a policy Click Duplicate, change the name of the policy, and edit the settings.
Managing Your Protection
Management of policies
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0 17


To... Do this...
Click Delete (not available for default or preconfigured policies).
NOTE: When you delete a policy, all groups to which it is currently applied
inherit the policy of this category from their parent. Before deleting a policy,
Delete a policy
look at all of the nodes to which it is assigned, and assign a different policy
if you don’t want the policy to inherit from the parent. If you delete a policy
that is applied at the top level, the default policy of this category is applied.
Click the owner of the policy and select another owner from a list (not available
for default or preconfigured policies).
Assign a policy owner


Click Export, then name and save the policy (an XML file) to the desired location.


Export a policy


Click Export all policies, then name and save the policy XML file to the
desired location.
Export all policies
Click Import at the top of the Policy Catalog page, select the policy XML file,
then click OK.
Import policies
For details on any of these features, refer to the ePolicy Orchestrator 4.0 documentation.

I hope the above helps.

Sameer.

Please mark the answer as correct or helpful if it was useful so that others can use it as a ready reference.

Re: HIPS 7.0 exporting rules?

Jump to solution

Hello Sameer,

I know how i can export policies from EPO server but i need to know how its done from Windows XP workstation? Situation is this... I have tested this HIPS client in workstation. I have teached rules how to manage with programs. Now everything is like i want it to be and i would like to "upload" these rules to EPO server. So i would like to use these rules like Firewall rules for computers. Is this possible?

Highlighted
bgable
Level 11
Report Inappropriate Content
Message 4 of 7

Re: HIPS 7.0 exporting rules?

Jump to solution

All of the client learned rules should be going back to ePO as properties.  The Property Translator server task should convert these into client rules which you can view and apply to any named policy.  Once you've done that, you can export the policy.  The property Translator task can be run manually or will run automatically every 10 minutes be default.   If you are not seeing any rules coming back, ensure you have the option to retain client rules checked in your policy (this is the default setting).  After applying the rules you want to a named policy, you can uncheck "Retain client rules" and they will clear out after an asci.

Re: HIPS 7.0 exporting rules?

Jump to solution

Ok i processed the Property Translator server task. Where these rules should be found? Under computers details ( System Details -> Host Intrusion Prevention -> More ) i can see those rules but i cant see exported rules in Policy pages. This should be little easier that this... 😃

sudeepg
Level 10
Report Inappropriate Content
Message 6 of 7

Re: HIPS 7.0 exporting rules?

Jump to solution

Check under Reporting->Host IPS-> IPS Client rules or F/W Client Rules or Application Blocking Client rules

Make sure you selcet the correct group.

For ePO 4.5: Menu->Reporting->Host IPS->IPS Client rules or F/W Client Rules or Application Blocking Client  rules

Re: HIPS 7.0 exporting rules?

Jump to solution

Correct answer... Now i found those rules and added rules to policy. Thanks a lot for everybody and specially for Sudeep Garg.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community