twenden
Level 13
Message 1 of 6

HIPS 7.0 has been released

FYI,

Yesterday, I noticed that HIPS 7.0 was available for download under our grant number.

Below are the new features.

Release Notes for McAfee® Host Intrusion Prevention 7.0.0

New features

New and updated features in the current release of the software are described below:

* Windows Vista 32-bit and 64-bit support.
* Windows 2003 64-bit support.
* Terminal Server and multiple user sessions support.
* Network Connection Isolation, which prevents undesirable traffic from accessing a designated network via other active network interfaces on a computer, such as a wireless adapter connected to a wi-fi hotspot.
* Boot-time quarantine that keeps a computer quarantined and blocks network connections at start-up until a firewall policy is loaded.
* Troubleshooting enhancement that allows client troubleshooting to be performed from the ePolicy Orchestrator console.
* IPv6 Support: Where an IP address is required, the user interface will accept both IPv4 and IPv6 addresses.
5 Replies

RE: HIPS 7.0 has been released

Just reading the release notes and it reads like an alpha or beta release, it's got a huge amount of issues.

Definitely waiting till patch 1, shame as we have a few 64-bit machines with no protection ATM.

Guess I'll be the guinea pig till patch 1. Anyone else running this yet? Any big problems?
mdyer
Level 7
Message 3 of 6

Been running it since beta



The only problem I've run into is a really complex issue with VMware bridged mode. Basically the firewall isn't acting statefully so I have to manually open up inbound ports to get around the issue (it's at tier III right now and I expect it to be resolved soon). Other than that problem, no issues at all.

RE: Been running it since beta



What ports do you have to open?

We have an issue with XP VMs running on ESX servers. Sometimes RDP sessions do not work. A reboot is required.
mdyer
Level 7
Message 5 of 6

Manually specify ports

We have to manually open whatever port is needed by the specific application for the return response. For example, if I do an outbound DNS lookup request I have to have a rule that opens up the port for the inbound reply (53) and this rule has to be for all IPs. If I try to write a rule that targets only the bridged address the reply will get blocked. It's an ugly problem but I expect that we'll get it resolved shortly.
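As an added illustration (not part of the thread and not McAfee's code), the sketch below compares a connection-tracking filter with the static "all IPs" rule described in the post above, which is useful for scoping what the workaround exposes while the fix is pending. It assumes the rule matches inbound UDP by remote port 53; the class, function names and documentation-range addresses are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "udp"

class StatefulFilter:
    """Allows an inbound packet only if it mirrors a tracked outbound flow."""
    def __init__(self):
        self.flows = set()

    def outbound(self, p):
        # Remember the flow so the mirrored reply can be matched later.
        self.flows.add((p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port))

    def inbound_allowed(self, p):
        # A reply has source and destination swapped relative to the request.
        return (p.proto, p.dst_ip, p.dst_port, p.src_ip, p.src_port) in self.flows

def static_rule_allowed(p, reply_port=53):
    """Assumed form of the workaround: inbound UDP from remote port 53, any IP."""
    return p.proto == "udp" and p.src_port == reply_port

# Constructed sample traffic (RFC 5737 documentation addresses).
HOST, RESOLVER, OTHER = "192.0.2.10", "192.0.2.53", "198.51.100.7"
query = Packet(HOST, 40000, RESOLVER, 53)       # outbound DNS lookup
reply = Packet(RESOLVER, 53, HOST, 40000)       # the matching answer
unsolicited = Packet(OTHER, 53, HOST, 137)      # no prior request from HOST

def compare():
    """Return (stateful verdict, static-rule verdict) for each inbound packet."""
    fw = StatefulFilter()
    fw.outbound(query)
    return {
        "reply": (fw.inbound_allowed(reply), static_rule_allowed(reply)),
        "unsolicited": (fw.inbound_allowed(unsolicited),
                        static_rule_allowed(unsolicited)),
    }

if __name__ == "__main__":
    for name, (stateful, static) in compare().items():
        print(f"{name:12} stateful={stateful} static_rule={static}")
```

Both filters pass the genuine reply, but only the static rule also passes the packet that answers no request, so any such rule should be kept as narrow and short-lived as the affected application allows.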
ypae
Level 7
Message 6 of 6

HIPS 7.0 and VMware Bridged Network issue



Did you get a response on the VMware Bridged Network Stateful Firewall issue?

Now that I have deployed HIPS 7.0 globally for 7000 desktops, all VMware Workstation sessions cannot communicate with other network resources unless I either turn off the firewall or change the Ethernet settings from Bridged to NAT.

NAT might be the workaround, but there are a few VMware sessions that require real IP addresses that were issued by the corporate DHCP server.

If you have any idea or workaround, please let me know. Thanks,