3 Replies Latest reply on Feb 13, 2012 7:04 AM by Tristan

    Write or Convert 100s Application Blocking Rules in HIPS 7.x XML.

    DC-SG

      Hello All,


      I am new to HIPS Application Blocking.   My business environment has ePO 4.5, MR2 with HIPS 7.x.  I need to create Application Blocking Exception rules for 100s cases.

      My objective is to learn how write or create a template that I can fill in necessary data and convert completed template to ePO HIPS XML format.

       

      What I have done:

      1) For few rules, I don't mind using GUI interface. (Refer to the attachment).  But GUI interface is impractical for 1000s, even 100s, rules.

      Looking at GUI, I can tell that rules have common fields which can be filled in a Excel or even notepad sheet.  But the issue is how to convert notepad into HIPS 7x XML format.

       

      2) I thought I could export current ePO Application Blocking policy to XML, convert to Excel and notepad, and imitate it.  But without understanding the meaning of critical fields, I would not dare to continue.   (Refer to attachment.)

       

      Thank you for your assistance in advance.

       

      Best Regards,

       

      DC-SG

        • 1. Re: Write or Convert 100s Application Blocking Rules in HIPS 7.x XML.
          epoNovice

          You should have a default Learning mode policy and Adaptive mode policy that you can run for application blocking.  After running for a couple of weeks you should be able to generate a list.

           

          I've never done it first hand but heard of it being done

          • 2. Re: Write or Convert 100s Application Blocking Rules in HIPS 7.x XML.
            DC-SG

            Hi epoNovice,

             

            Thank you.  Adpative/Learn Mode will take time.  The application blocking exceptions, mentioned in my original posting, are known to us. I need to create rules for them and apply to policy.

             

            Regards,

            DC-SG.

            • 3. Re: Write or Convert 100s Application Blocking Rules in HIPS 7.x XML.
              Tristan

              Just some suggestions on reverse engineering your sample XML attachment.

               

              First two ?????? - Appear to define where the rule is location/stored

              TRUE,TRUE,TRUE,FALSE,1 - Would refer to tick boxes/options that appear when defining the rule in the GUI.

              Last ??????? - Would be the unique reference for the rule

               

              If your really serious in going down the route of manually generating the XML then i would suggest setting a test ePO server so that if you break it it will not affect anything.

               

              For the ????????'s if you create a number of random rules in the test server and export them then hopefully you'll start seeing a pattern in how the numbers increment.

              For the TRUE,TRUE,TRUE,FALSE,1 value export a number of different rules with different selections in the GUI and again you'll start to work out a pattern.

              1 of 1 people found this helpful