Moved from Security Awareness to Business > Host Intrusion Prevention for faster support.
Where you are facing this issue mean can you explain your issue in structured way.
Provide some screencapture if possible.
I am facing the issue in HIPS status which shows "Unknown" in epo portal, client machine is windows 7 professional.
When i am navigate to the System Tree within the ePolicy Orchestrator (ePO) 4.6 console and select any client computer to drill into the System Details page, the following message displays: HIPS Status Unknown.
How many machine behave like this.
Take only one client machine for testing & follow these steps:
1.Remove HIPS column(showing unknown) & readd it again.
2.check whether is resolved or not.If not go ahead...
3.Remove Hips for one client machine & reinstall it again.
4.check issue report for testing client machine..
Happy to help you
Thanks Piyush for prompt response.
I have follow All steps that you have mentioned.
1. On daily basis 3-6 machines behave like this "HIPS unknown". why i don't know??
2. Yes removal and re-installation of HIPS works but some times it would not work (any registry issue??)
3. Is there any way to remove HIPS from EPO for particular host machine??
Thanks in Adv
3.Yes,You can remove HIPS from a particular machine by the help of McAfee epo..
Select machine>>Action>>Run client task>> McAfee Agent>Product Deployment>Create new Task>>select HIPS in product list>>Action(select Remove)..
Wait till task completion...(see server task log)..
Hope I make you understand...
1 of 1 people found this helpful
FYI: If the problem on the system is KB83100, then removing/reinstalling HIPS (or even using the HIPS Ripper tool) will not work. You must specifically fix the registry by using the included KB instructions (reinstall isn't necessary usually either; just fix the registry corruption, then perform an Agent Wakeup call).
Is there any update to this issue to resolve this with an uninstall/reinstall or remote way to fix the corruption.
Registry modification on each system is not easy on locked down environments.