am trying to find a way to renable a list of server that had the hips enabled. For some reason the check mark was uncheked and it would take a lot of time go one by one cheking them all again. Its there anyway from the EPO to make them Enable again? Thanks.
Epo 4.5 / 4.6
Hips Version 7 /8
For this instance, I would do the following:
Create a "Managed Systems" query, select a table format, and in the "Filter" tab, select the "Host IPS Properties" section, select "HIPS Status" and select "disabled".
Run this query to see if it gives you a list of systems with Host IPS Disabled.
Save this query.
Create a Tag in the "Tag Catalog". Call it something like "Turn on HIPS"
Create a "Server Task", and set the "Actions" to "Run Query". For the "Sub Actions" field, select "Apply Tag". Select your new tag you just created.
Schedule the task to run in like 5-10 minutes. Make sure you "save" the task.
Configure your tag based policy assignment to assign a policy that has HIPS enabled. This will turn HIPS on when this server task is run, and your systems check in.
This is of course assuming you have ePO 4.6 installed.
Hey, I'm sorry to reply to a message so late, but I just found this via Google. For anyone else who might run across this same question, I created a modified version of the query that greatscott listed. His orginal instructions were very close to what I wanted, but did not return any results in its orginal form. (Basically I needed to run a query and find machines that had McAfee Security Status set to "service is not running" and gave me a red checkmark in the McTray.exe.)
I didn't bother with the automated part, as I do not have authority over every system on my network and didn't want to mess with other peoples settings (although it's definatly good to message them about it! )
At this point, if you want to do this by hand, all you need to do is: