0 Replies Latest reply: Dec 19, 2012 7:35 AM by syd RSS

    HIPS 8 Patch 2 on Server 2008R2 (X64) with SQL server 2008SP1 loaded

    syd

      I have been testing HIPS 8 Patch 2 on our ePO server (ePO 4.5.6, Server 2008R2 64bit, with SQL server 2008SP1). I am monitoring both the HIPS GUI log (McAfeeFireLog) as well as the HipShield.log. The HipShield.log is filling with:

       

      "Error: 0x7f8,xxx Failure analyzing query. Query will not be blocked. - code 0xe0009001 - UnknownErrorCode"

       

      I initially thought this might be due to an issue with the migrated HIPS 7 IPS rule I was using. So, to eliminate this I isolated the server and applied the "McAfee default" rule. I checked the logs the following day and the errors are still streaming out, I mean reeeeaallly streaming out. This did not occur with HIPS 7 and I would like to determine the reason behind this (or at least see if someone else has seen this) before I proceed deployment of HIPS 8 to other servers.

       

      Any takers?

       

      Thanks

      Syd