1 Reply Latest reply on Feb 5, 2015 1:32 PM by Kary Tankink

    Network IPS Info

    neostad

      We're just starting to implement McAfee Host Intrusion Prevention in our company.

       

      We've noticed a feature under options called "Network IPS enabled"

       

      There is no description for this feature and I can't find any documentation for it anywhere.

       

      Does anyone have any information or websites that can explain NIPS to me please?

       

      I'd like to know if this is a feature we should enable.

       

      Thanks

        • 1. Re: Network IPS Info
          Kary Tankink

          PD22894 - Host Intrusion Prevention 8.0 for ePO 4.5 Product Guide

          https://kc.mcafee.com/corporate/index?page=content&id=PD22894

           

          Page 31

           

          Network IPS signatures

          Network IPS protection also resides on individual systems. All data that flows between the

          protected system and the rest of the network is examined for an attack. When an attack is

          identified, the offending data is discarded or blocked from passing through the system.

          These signatures:

          • Protect systems located downstream in a network segment.

          • Protect servers and the systems that connect to them.

          • Protect against network denial-of-service attacks and bandwidth-oriented attacks that deny

          or degrade network traffic.

          Host Intrusion Prevention contains a default list of a small number of network IPS signatures

          for Windows platforms. You can edit the severity level, log status, and client rule creation setting

          of these signatures, but you cannot presently add custom network signatures. The list of

          signatures is updated if needed whenever you install a content update.