4 Replies Latest reply on May 11, 2011 4:00 AM by daz chauhan

    Testing question - IPS protection levels

      Hi

      I installed HIPS 8 and it is set up and running fine. I am now looking and the different types of events and how they are handled so set the IPS Protection to log only for critcal (high) severity events to monitor and test. I created a double file extension (ie calc.exe.com), troed to run it but it was blocked (signature id 413).

      Adaptive mode not set. IPS protection policy is set to log for high and medium severities so why is it blocking the double file extension execution, should it allow it and just log the event since currently it does not appear to be abiding to the IPS protection policy?

       

      Please help, thanks

       

      on 10/05/11 05:38:30 CDT