An error occurred:

Check: H36410

HBSS Host Intrusion Prevention: H36410 (in version v4 r13)

Title

(U//FOUO) The HIPS policy disallows the retention of existing client rules. (Cat II impact)

Discussion

Check Content

(U//FOUO) This check needs to be completed for every active policy that controls ePO agents. From the ePO server console, select the asset to be checked, then select ‘Policies,’ followed by ‘Host Intrusion Prevention 7:IPS’ from the product list. From the ‘IPS Options’ category, select the applicable policy. From the ‘IPS Options’ section, ensure the ‘Retain existing client rules when this policy is enforced’ is disabled. If the ‘Retain existing client rules when this policy is enforced’ is checked, this is a finding.

Fix Text

(U//FOUO) From the ePO server console, select the applicable policy to be checked for HIPS for the ePO server. Select IPS Options. From the IPS Options tab, ensure the “Retain existing Client Rules when this policy is enforced” is disabled.

Additional Identifiers

Rule ID: SV-15164r1_rule

Vulnerability ID: V-14546

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
No CCIs are assigned to this check

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
No controls are assigned to this check