Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Working with <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> Clients<br />
Overview of the Windows client<br />
Troubleshooting the Windows client<br />
<strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> includes a Troubleshooting option on the Help menu, which is<br />
available when the interface is unlocked. Options include enabling IPS and firewall logging and<br />
disabling system engines.<br />
Figure 37: Troubleshooting Options<br />
NOTE:<br />
<strong>McAfee</strong> provides a utility (ClientControl.exe) to help automate upgrades and other maintenance<br />
tasks when third-party software is used <strong>for</strong> deploying <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> on client<br />
computers. This command-line utility, which can be included in installation and maintenance<br />
scripts to temporarily disable IPS protection and activate logging functions, is available from<br />
the <strong>McAfee</strong>.com product download site. Refer to the documentation that accompanies the utility<br />
<strong>for</strong> directions on usage, including details on parameters and security<br />
Setting options <strong>for</strong> IPS logging<br />
As part of troubleshooting you can create IPS activity logs that can be analyzed on the system<br />
or sent to <strong>McAfee</strong> support to help resolve problems. Use this task to enable IPS logging.<br />
Task<br />
1 Select the IPS Enable Logging checkbox.<br />
2 Select the message type (All or a combination of In<strong>for</strong>mation, Warning, Debug, Error,<br />
Security Violations). At a minimum, you must select Error and Security Violations.<br />
3 Click OK. The in<strong>for</strong>mation is written to C:\Documents and Settings\All Users\Application<br />
Data\<strong>McAfee</strong>\<strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong>\HipShield.log; on Windows Vista: C:\Program<br />
Data\<strong>McAfee</strong>\<strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong>\HipShield.log. After the file reaches 100 MB, a new<br />
file is created.<br />
<strong>McAfee</strong> <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> 7.0 <strong>Product</strong> <strong>Guide</strong> <strong>for</strong> use with ePolicy Orchestrator <strong>4.0</strong><br />
89