I want to install about 5000 endnodes with McAfee HIPS 8.0. Installation is only allowed by a third party deployment. We did this with HIPS 7.0. We stopped the HIPS agent with the client control utility and copied the fireprefs.txt file to the client. After this we started the agent again and all was fine.
Is this possible in any way with HIPS 8.0??
Goal should be:
- a deployment package where the actual ruleset from epo is included.
- or any way where the firewall ruleset can be added without epo
Many clients are imaged outside the corporate network. This can also be done by the user. After installing VSE and HIPS the client can establish a VPN Tunnel and the client will be joined to the domain.
But this is only possible when the customer firewall rulset is implemented.
This is not possible with HIPS 8.0 due to how the configuration is stored in the registry (registry dump does not work either). The HIPS configuration must be retrieved from the ePO server, by the McAfee Agent, after installation. However, HIPS 8.0 can be installed and configured, with the policy already in place by the McAfee Agent, within an image, but configuration changes/content updates must be made with the McAfee Agent and ePO server connectivity.
KB73908 - Host Intrusion Prevention 8.0 support for deployment via a system image
HIPS is an ePO-managed product only. There is not a way to locally configure the product, without ePO server management.