3 Replies Latest reply on Nov 6, 2014 7:53 AM by greatscott

    HIPS 8.0 P2 default action

    kink80

      We have some machines running HIPS 8.0 P2 that are blocking access to our organizations main website at certain seemingly sporadic times. I can see its IP address being blocked in the HIPS logs. When we disable the HIPS firewall the user is able to navigate to the site with no issues. If you turn HIPS firewall back on it go back to blocking it. As I said this does not happen all the time just some of the time which makes this issue hard to track. My question is if one of the machines in question is getting "overwhelmed" with network traffic does HIPS ever stop processing the policy applied rules and just start to block everything under the "Block All Traffic" rule? This seems to be what is happening. If we turn HIPS off and allow the ePO policy to turn it back on when our policy enforcement task runs it seems to correct itself and work while HIPS id turned on. Anyone ever seen something like this? Thanks in advance.