0 Replies Latest reply on Aug 27, 2014 1:08 PM by thurmanw1

    Permission Set to Create Exception for HIPS Event

    thurmanw1

      I came across an Unanswered question that had been posted by "ewinglane" back in 2010.  I would have replied to the post, but it had been archived.  Since I came across the same issue today, I figured that I share it.  Perhaps it will help someone else.  The original post (question) can be found at:  https://community.mcafee.com/thread/23483?start=0&tstart=0  "Permission Set to Create Exception for HIPS Event"

       

      In my case, at one particular site, the managers decided to use a different naming convention for all their users.  To accomodate the naming change, I created new accounts for each Site Administrator and added the accounts to the existing Site Administrator's group.  This gave the new accounts all the same permissions as the old (soon to be deleted) accounts.  I also informed the Site Administrators to be sure to move any private queries with their Shared Group.  Policy ownership briefly crossed my mind, but I got involved with something else and forgot about it until today when one of the Site Administrators couldn't create an Exception from an event in the Host IPS Events section.   When attempting to create a new Exception, he received a notice stating, "No available target policies".  The thing that I had forgotten was, though the new accounts were members of the Site Administrators group,  they were not owners of any policies.   Therefore, there were no policies available for them to manage.

       

      The Fix:

      Go to the Policy Catalog - (Menu\Policy\Policy Catalog)

      Select "Host Intrusion Prevention 8.0:IPS" in the Product dropdown and "IPS Rules" in the Category dropdown.

      Find the Policies that will be maintained by the Site Administrators, then in the "Owner" column, click the hyperlink (by default, it's Global Administrators).

      Now find each Site Administrator's account name and place a checkmark in the box.

      Select "Save" to complete the process.

       

      ePO:  4.6.278

      HIPS:  8.0.4.838