Check: H36210
HBSS Host Intrusion Prevention:
H36210
(in version v4 r13)
Title
(U//FOUO) The HIPS IPS engines are active. (Cat II impact)
Discussion
Check Content
(U//FOUO) This check needs to be completed for every active policy that controls ePO agents. From the ePO server console, select the asset to be checked, then select ‘Policies,’ followed by ‘Host Intrusion Prevention 7: General’ from the product list. From the ‘Client UI’ category, select the applicable policy. From the ‘Troubleshooting’ tab, within the Enable IPS Engines section, ensure all the engines are checked. If all the engines are not checked, this is a finding.
Fix Text
(U//FOUO) Configure HIPS to have all the IPS engines active.
Additional Identifiers
Rule ID: SV-19284r1_rule
Vulnerability ID: V-17893
Group Title:
Expert Comments
Expert comments are only available to logged-in users.
CCIs
CCIs tied to check.
| Number | Definition |
|---|---|
| No CCIs are assigned to this check |
Controls
Controls tied to check. These are derived from the CCIs shown above.
| Number | Title |
|---|---|
| No controls are assigned to this check |