1 Reply Latest reply on Jan 3, 2017 9:26 AM by Troja

    ENS 10.5, HIPS and MCP

    moratom

      Hello,

      I just deploy ENS 10.5 on my pc in order to test it befor to perform the depoy on my entire network.

      In my understanting, HIPS and MCP should have been included in the new ENS 10.5 engine and I would have expected to don't see them anymore installed on my PC by checking the information on my Agent.

      Nevertheless i still see both MCP and HIPS on my pc. Is this normal? Shouldn't them be removed during the installation?

      Did I got something wrong or all of this is correct?

       

      Many thanks in advance

      Matteo Morato

        • 1. Re: ENS 10.5, HIPS and MCP
          Troja

          Hello,

          no, HIPS is not completely included in ENS 10.5. ENS exploit prevention uses many HIPS detection rules already, but HIPS is not completely included into ENS. HIPS and ENS can coexist on your endpoint. If ENS Firewall is installed, the plugin should be automatically disabled.

          Today you can find many rulenames under "Exploit Prevention". From my actual Point of Information i do not know if any rule is included.

          • Additional, you cannot define user-defined IPS Signatures in ENS.

           

          MCP 2.3.0 uses the ENS platform. You can check this. Find "About McAfee Client Proxy" in the Start Menu. Check if ESPMode is on or off.If on, MCP runs on the ENS platform.

          Enclosed the info from the Manual:

           

          On a Windows-based computer, you can view the integration status of Client Proxy by opening the

          About McAfee Client Proxy window. If EspMode is set to ON, Client Proxy is installed and running on the

          Endpoint Security Platform.

           

          Hope this helps,

          Cheers