Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
246 Views 1 Reply Latest reply: Dec 19, 2013 1:32 PM by Kary Tankink RSS
greatscott Champion 283 posts since
Jul 18, 2011
Currently Being Moderated

Dec 19, 2013 10:37 AM

Application Protection list in HIPS Client UI

How can a person validate if a specific Application Protection Rule (defined in an IPS Rules policy), has been applied to a system? I keep making Application Protection test rules, either an "Exclude" or an "Include" rule, and neither shows up in my Application Protection list, within the HIPS Client UI. I see a bunch of other prepopulated rules, but not the one I made a "test.exe" rule for. Am I even looking in the right spot? This is despite several wake up calls.

  • Kary Tankink McAfee Employee 655 posts since
    Mar 3, 2010
    Currently Being Moderated
    1. Dec 19, 2013 1:32 PM (in response to greatscott)
    Re: Application Protection list in HIPS Client UI

    If you INCLUDE a process, then when that process runs on the system, you will see it in the HIPS ClientUI App Protection List tab.

    If you EXCLUDE a process, then when that process runs on the system, you will NOT see it in the HIPS ClientUI App Protection List tab.

     

    You won't see that entry unless you have a process running in memory with that exact Exectuable criteria.  Also, the process must be restarted if it's already running when a new INCLUDE/EXCLUDE rule is applied.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points