3 Replies Latest reply on Dec 16, 2011 10:24 AM by Kary Tankink

    Adding rule to HIPS to block IP addresses

    epoNovice

      Hi Guys,

       

      Using Hips 7 and Updating to HIPS 8 next year

       

      I've been asked to block a large number of random IP addresses in the HIPS rulebase.

      I've had a look but can't work out which option to select to do them all in one rule.

       

      As they are not a set range and random I can't use the option "range"  does anyone have a solution or am I supposed to input each address manually as a "single address"???

       

      I tried entering like this  50.50.50.50, 50.42.53.52, 65.54.54.54, etc but it dosn't accept it as an entry.

       

      Cheers

        • 1. Re: Adding rule to HIPS to block IP addresses
          Kary Tankink

          With HIPS 7.0, you will need to add a separate firewall rule for each random single IP address.

          With HIPS 8.0, you can add multiple (random) single IP addresses in a single firewall rule.

          • 2. Re: Adding rule to HIPS to block IP addresses
            epoNovice

            Hey thanks for that.  I can see how you can add the addresses into one rule.

             

            Still wondering if its possible to add them in without creating a window for each single address (within the rule), I have nearly 400 addresses to add in and don't want to manually enter them or even have to copy and paste 400 times if I don't need to..

             

            Thanks again

            • 3. Re: Adding rule to HIPS to block IP addresses
              Kary Tankink

              Still wondering if its possible to add them in without creating a window for each single address (within the rule), I have nearly 400 addresses to add in and don't want to manually enter them or even have to copy and paste 400 times if I don't need to..

               

              It will have to be done manually via the ePO console until you upgrade to HIPS 8.0.  With HIPS 8.0, you will still need to enter each single IP address manually into a firewall rule (there is no import-type functionality).