Showing results for 
Search instead for 
Did you mean: 
Level 12

HIPS 7 Patch 8 blocking hierarchy

I have several machines with HIPS 7 Patch 8 installed ( ) and quite a few have a Network intrusion detected from an outside IP address. My question is shouldn't the HIPS firewall block that traffic before it becomes a Network intrusion detected event?  Thanks.

0 Kudos
1 Reply
McAfee Employee

HIPS 7 Patch 8 blocking hierarchy

The firewall can block that traffic (depending on your ruleset), but it will still synchronously trigger the Network IPS signature, as it's still being detected on the wire.

0 Kudos