cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

HIPS Vs VSE

Jump to solution

Hii,

Can anyone have some ideas about difference between HIPS and VSE. Difference in there functions..scenarios will be really appreciate..

1 Solution

Accepted Solutions
Highlighted
Level 13
Report Inappropriate Content
Message 4 of 5

Re: HIPS Vs VSE

Jump to solution

HIPS is an additional layer of protection over VirusScan that can prevent malware from executing on the endpoint should VirusScan signatures miss it.

It monitors system activity and uses pre-defined or customizable set of signatures to recognize suspicious program behavior. When this type of activity is identified, HIPS can prevent the offending program from executing its malicious payload.

Scenario where HIPS is often used are:

- Protect software program like browsers, flash, java that cannot be patched right away or don't have a patch yet from the vendor against zero-day web exploits.

- HIPS can monitor network packets coming to or from that specific host (block network exploits that worms like Conficker or Slammer abuse to spread)

- Log or prevent system modifications a malicious user could make in order to circumvent security policies (user tampering with registry, system files or logs)

Also read past threads on this topic.

View solution in original post

4 Replies
Highlighted
Level 13
Report Inappropriate Content
Message 2 of 5

Re: HIPS Vs VSE

Jump to solution
Highlighted

Re: HIPS Vs VSE

Jump to solution

Vinoo,

Thanks for your update but i am not getting clarity from those links.Can you please make me understand with 5-6 difference scenarios points.like on which point HIPS comes in picture...

Highlighted
Level 13
Report Inappropriate Content
Message 4 of 5

Re: HIPS Vs VSE

Jump to solution

HIPS is an additional layer of protection over VirusScan that can prevent malware from executing on the endpoint should VirusScan signatures miss it.

It monitors system activity and uses pre-defined or customizable set of signatures to recognize suspicious program behavior. When this type of activity is identified, HIPS can prevent the offending program from executing its malicious payload.

Scenario where HIPS is often used are:

- Protect software program like browsers, flash, java that cannot be patched right away or don't have a patch yet from the vendor against zero-day web exploits.

- HIPS can monitor network packets coming to or from that specific host (block network exploits that worms like Conficker or Slammer abuse to spread)

- Log or prevent system modifications a malicious user could make in order to circumvent security policies (user tampering with registry, system files or logs)

Also read past threads on this topic.

View solution in original post

Highlighted
Level 7
Report Inappropriate Content
Message 5 of 5

Re: HIPS Vs VSE

Jump to solution

I'd like to point out some key differences:

1) HIPs provides the ability to depict executables by hash, dig. cert., or description.... VSE does not.

2) HIPS provides the ability to do exceptions by user and a few other things... VSE does not.

3) HIPS has the ability to go beyond the File/Folder, Registry, and Port method and can also do hooks and specific programs, for example.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community