1 2 Previous Next 10 Replies Latest reply on Aug 2, 2016 9:56 AM by Kary Tankink

    HIPS Unknown

    razi_hasan

      Hi All,

       

      Please help me to update HIPS unknown error , how to resolve this error??

      share the most possible ways to resolve this HIPS unknown error.

       

       

       

      Thanks in adv

      Razi

        • 1. Re: HIPS Unknown
          Peter M

          Moved from Security Awareness to Business > Host Intrusion Prevention for faster support.

          ---

          Peter

          Moderator

          • 2. Re: HIPS Unknown
            davidp64

            Hi Razi,

             

            Where you are facing this issue mean can you explain your issue in structured way.

             

            Provide some screencapture if possible.

            Thanks

            • 3. Re: HIPS Unknown
              razi_hasan

              Hi Piyush,

               

              I am facing the issue in HIPS status which shows "Unknown" in epo portal, client machine is windows 7 professional.

              When i am navigate to the System Tree within the ePolicy Orchestrator (ePO) 4.6 console and select any client computer to drill into the System Details page, the following message displays: HIPS Status Unknown.

              • 4. Re: HIPS Unknown
                davidp64

                Hi Razi,

                 

                How many machine behave like this.

                Take only one client machine for testing & follow these steps:

                1.Remove HIPS column(showing unknown) & readd it again.

                2.check whether is resolved or not.If not go ahead...

                3.Remove Hips for one client machine & reinstall it again.

                4.check issue report for testing client machine..

                 

                Happy to help you

                 

                Thanks

                • 5. Re: HIPS Unknown
                  razi_hasan

                  Thanks Piyush for prompt response.

                   

                  I have follow All steps that you have mentioned.

                  1. On daily basis 3-6 machines behave like this "HIPS unknown". why i don't know??

                  2. Yes removal and re-installation of HIPS works but some times it would not work (any registry issue??)

                  3. Is there any way to remove HIPS from EPO for particular host machine??

                   

                  Thanks in Adv

                  Razi

                  • 6. Re: HIPS Unknown
                    Kary Tankink

                    Verify if this is the issue:

                     

                    KB83100 - Host IPS 8.0 client software fails to report to ePolicy Server or enforce policy and uninstallation fails

                    • 7. Re: HIPS Unknown
                      davidp64

                      Hi Razi,

                      Queries Answer:

                      3.Yes,You can remove HIPS from a particular machine by the help of McAfee epo..

                      Select machine>>Action>>Run client task>> McAfee Agent>Product Deployment>Create new Task>>select HIPS in product list>>Action(select Remove)..

                      Wait till task completion...(see server task log)..

                       

                      Hope I make you understand...

                       

                      Thanks

                      • 8. Re: HIPS Unknown
                        Kary Tankink

                        FYI:  If the problem on the system is KB83100, then removing/reinstalling HIPS (or even using the HIPS Ripper tool) will not work.  You must specifically fix the registry by using the included KB instructions (reinstall isn't necessary usually either; just fix the registry corruption, then perform an Agent Wakeup call).

                        1 of 1 people found this helpful
                        • 9. Re: HIPS Unknown
                          cybercafe

                          Hi Kary

                           

                          Is there any update to this issue to resolve this with an uninstall/reinstall or remote way to fix the corruption.

                          Registry modification on each system is not easy on locked down environments.

                           

                          thanks.

                          1 2 Previous Next