For this instance, I would do the following:
Create a "Managed Systems" query, select a table format, and in the "Filter" tab, select the "Host IPS Properties" section, select "HIPS Status" and select "disabled".
Run this query to see if it gives you a list of systems with Host IPS Disabled.
Save this query.
Create a Tag in the "Tag Catalog". Call it something like "Turn on HIPS"
Create a "Server Task", and set the "Actions" to "Run Query". For the "Sub Actions" field, select "Apply Tag". Select your new tag you just created.
Schedule the task to run in like 5-10 minutes. Make sure you "save" the task.
Configure your tag based policy assignment to assign a policy that has HIPS enabled. This will turn HIPS on when this server task is run, and your systems check in.
This is of course assuming you have ePO 4.6 installed.
Hey, I'm sorry to reply to a message so late, but I just found this via Google. For anyone else who might run across this same question, I created a modified version of the query that greatscott listed. His orginal instructions were very close to what I wanted, but did not return any results in its orginal form. (Basically I needed to run a query and find machines that had McAfee Security Status set to "service is not running" and gave me a red checkmark in the McTray.exe.)
- Queries and reports
- Managed Systems
- Table, Sort By "System Name" (or however you want your results to be sorted)
- Put in whatever for Chart Feild. I only needed Last Communcation, System Name and IP Address, for example.
- Host IPS Properties, Service Running (Host IPS) and leave the search field set as disabled
I didn't bother with the automated part, as I do not have authority over every system on my network and didn't want to mess with other peoples settings (although it's definatly good to message them about it! )
At this point, if you want to do this by hand, all you need to do is:
- access services.msc as administrator
- McAfee Host Intrusion Prevention Service, Properties
- Startup Type, Automatic, Ok
- Right click the service, Start