cancel
Showing results for 
Search instead for 
Did you mean: 
hbss_admin
Level 9

Looking for some good HIPS documentation

I'm trying find some official McAfee documentation (or good documentation from any source) that deals specifically with how to best utilize the learning and adaptive modes of HIPS. We have a bunch of mission critical servers that I don't want to just dive in with HIPS turned on full blast, and we don't have a lab to do extensive testing before deployment.

I looked through the McAfee documentation page and found 31 links but didn't see anything that appeared to address this specific topic.

Thanks - PG

5 Replies
McAfee Employee

Re: Looking for some good HIPS documentation

Please see the Host IPS Best Practices guide, page 14.

PD20796 - Adopting Host Intrusion Prevention - Best practices for quick success

0 Kudos
hbss_admin
Level 9

Re: Looking for some good HIPS documentation

That looks good - thanks.

0 Kudos
donaredmac
Level 7

Re: Looking for some good HIPS documentation

I think you might find these to be helpful:

PD20796 - Adopting Host Intrusion Prevention - Best Practices for quick success

PD20748 - Host Prevention 7.s Adaptive Mode

Or have you already looked at them ?

Regards...DM

hbss_admin
Level 9

Re: Looking for some good HIPS documentation

I downloaded the 1st one. The 2nd one was a bit too generic and high level. I was looking for a little more detail.

Thanks.

0 Kudos
McAfee Employee

Re: Looking for some good HIPS documentation

PD20748 documents the limitations of Host IPS Adaptive/Learn mode.  I would recommend reading this guide as well to understand what Host IPS be learn and not learn, as you are tuning the policies.