1 Reply Latest reply on Apr 6, 2010 1:39 PM by bgable

    A couple of HIPS event log queries

      I've been using HIPS (7.0.0, build 1102) for a while and have come across a couple of things I'd like to clear up.

       

      Why does some traffic appear in the log as blocked but there is no specific blocking rule? E.g. I have blocked incoming UDP on the local subnet (which is added as a trusted network) yet there isn't a single blocking rule in my policy?

       

      Why, in this case doesn't HIPS create an exception if it is in adaptive mode?

       

      If anyone can provide some guidance here it would be much appreciated.