cancel
Showing results for 
Search instead for 
Did you mean: 
norbertg
Level 12

Host Intrusion Prevention Content failing to update

Jump to solution

As per the subject. I've attached a screenshot.

0 Kudos
1 Solution

Accepted Solutions
nd_4_spd
Level 8

Re: Host Intrusion Prevention Content failing to update

Jump to solution

This bolded line below is showing that the product is not managed. If you removed the extensions for HIPS then the product will no longer be managed (content will not be updated and clients will not longer recieve policy). Verify this in the Menu -> Software -> Extensions. Hopefully you still have Host Intrustion Prevention listed in the left column, if so you should see the HIPS related extensions that are checked in on the right once you select HIPS.

Norbert Gregoczki wrote:

The Update Master Repository is succeding. I couldn't find anywhere to add HIPC to the task. I may have removed it from extensions by accident?

Here is the pull log for Update Master Repository over night:

12/17/12 6:59:35 AM INFO Skipping package Current\VIRUSCAN8700\8.7.0\LangPack\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\VIRUSCAN8600\8.5.0\LangPack\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\LMASECORE2000\2.2.0.9309\SpamEngine\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\PATCHTMP1000\626\Templates\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\PATCHTMP2000\401\Templates\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\DBSECDVMMETA\78.871\DVMCHECKS\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\MASECORE2000\2.2.0.9309\SpamEngine\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\SUPPMVTCT1000\1.0.9.213\MVTContentUpdate\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\ENCPTCNT6000\8.0.0.4671\DAT\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\AMCORDAT1000\1240.1\DAT\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\AUENGINEMETA\1094\BMContent\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\Findings\1069\FNDContent\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:36 AM INFO Downloading package Current\VSCANDAT1000\6928.0000\DAT\0000

McAfeeHttp 12/17/12 7:09:53 AM INFO Checking in package Current\VSCANDAT1000\6928.0000\DAT\0000

McAfeeHttp 12/17/12 7:09:59 AM INFO Package Current\VSCANDAT1000\6928.0000\DAT\0000 checked in

0 Kudos
9 Replies
nd_4_spd
Level 8

Re: Host Intrusion Prevention Content failing to update

Jump to solution

  Do you do the content pulls manually or with a server task? If you have a server task verify it is configured to pull the HIPS content.

0 Kudos
norbertg
Level 12

Re: Host Intrusion Prevention Content failing to update

Jump to solution

It should be Auto, although I probably accidently deleted it months ago. Do you know what the default pull job is called? Can you run me through how to create a new pull task? I don't use EPO that often nor do we have a dedicated Admin in our Org.

Thanks.

0 Kudos
nd_4_spd
Level 8

Re: Host Intrusion Prevention Content failing to update

Jump to solution

The default task name is Update Master Repository. You seem have a task keeping your VDAT package up-to-date at a minimum you can just add the HIPS content to that task if the Update Master Repo has been removed.

0 Kudos
norbertg
Level 12

Re: Host Intrusion Prevention Content failing to update

Jump to solution

The Update Master Repository is succeding. I couldn't find anywhere to add HIPC to the task. I may have removed it from extensions by accident?

Here is the pull log for Update Master Repository over night:

12/17/12 6:59:35 AM INFO Skipping package Current\VIRUSCAN8700\8.7.0\LangPack\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\VIRUSCAN8600\8.5.0\LangPack\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\LMASECORE2000\2.2.0.9309\SpamEngine\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\PATCHTMP1000\626\Templates\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\PATCHTMP2000\401\Templates\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\DBSECDVMMETA\78.871\DVMCHECKS\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\MASECORE2000\2.2.0.9309\SpamEngine\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\SUPPMVTCT1000\1.0.9.213\MVTContentUpdate\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\ENCPTCNT6000\8.0.0.4671\DAT\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\AMCORDAT1000\1240.1\DAT\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\AUENGINEMETA\1094\BMContent\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\Findings\1069\FNDContent\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:36 AM INFO Downloading package Current\VSCANDAT1000\6928.0000\DAT\0000

McAfeeHttp 12/17/12 7:09:53 AM INFO Checking in package Current\VSCANDAT1000\6928.0000\DAT\0000

McAfeeHttp 12/17/12 7:09:59 AM INFO Package Current\VSCANDAT1000\6928.0000\DAT\0000 checked in

0 Kudos
nd_4_spd
Level 8

Re: Host Intrusion Prevention Content failing to update

Jump to solution

This bolded line below is showing that the product is not managed. If you removed the extensions for HIPS then the product will no longer be managed (content will not be updated and clients will not longer recieve policy). Verify this in the Menu -> Software -> Extensions. Hopefully you still have Host Intrustion Prevention listed in the left column, if so you should see the HIPS related extensions that are checked in on the right once you select HIPS.

Norbert Gregoczki wrote:

The Update Master Repository is succeding. I couldn't find anywhere to add HIPC to the task. I may have removed it from extensions by accident?

Here is the pull log for Update Master Repository over night:

12/17/12 6:59:35 AM INFO Skipping package Current\VIRUSCAN8700\8.7.0\LangPack\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\VIRUSCAN8600\8.5.0\LangPack\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\LMASECORE2000\2.2.0.9309\SpamEngine\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\PATCHTMP1000\626\Templates\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\PATCHTMP2000\401\Templates\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\DBSECDVMMETA\78.871\DVMCHECKS\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\MASECORE2000\2.2.0.9309\SpamEngine\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\SUPPMVTCT1000\1.0.9.213\MVTContentUpdate\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\ENCPTCNT6000\8.0.0.4671\DAT\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\AMCORDAT1000\1240.1\DAT\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\AUENGINEMETA\1094\BMContent\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:35 AM INFO Skipping package Current\Findings\1069\FNDContent\\0000, no managed product installed

McAfeeHttp 12/17/12 6:59:36 AM INFO Downloading package Current\VSCANDAT1000\6928.0000\DAT\0000

McAfeeHttp 12/17/12 7:09:53 AM INFO Checking in package Current\VSCANDAT1000\6928.0000\DAT\0000

McAfeeHttp 12/17/12 7:09:59 AM INFO Package Current\VSCANDAT1000\6928.0000\DAT\0000 checked in

0 Kudos
norbertg
Level 12

Re: Host Intrusion Prevention Content failing to update

Jump to solution

It's not checked into extensions. We don't use HIPC or at least can't see a need for it. What is the best way to remove HIPC from the dashboard?

0 Kudos
nd_4_spd
Level 8

Re: Host Intrusion Prevention Content failing to update

Jump to solution

Since you are not managing HIPS you can delete the Host Intrustion Prevention Content from your Master Repository. Once this is done it will no longer display in your McAfee Labs Threat Advisory as out of date.

0 Kudos
norbertg
Level 12

Re: Host Intrusion Prevention Content failing to update

Jump to solution

Would you recommend I re-enable HIPS?

0 Kudos
norbertg
Level 12

Re: Host Intrusion Prevention Content failing to update

Jump to solution

I've re-checked in the extension and ran a dat update and it now works.

We will revist whether we need HIPS or not in the new year with our IT consultant.

0 Kudos