Educause Security Discussion mailing list archives

Re: HIPS


From: "King, Ronald A." <raking () NSU EDU>
Date: Fri, 11 Sep 2009 14:59:10 -0400

We use Sophos as our endpoint protection solution.  We learned the hard way
that HIPS is a valuable addition to protecting the hosts when set to something
other than "alert only."  Just be prepared to monitor what it blocks/breaks so
it can be "authorized."  So far, only a few hosts have had anything legit
blocked.

Ronald King
Security Engineer
Norfolk State University
Marie V. McDemmond Center for Applied Research
Suite 401
700 Park Ave.
Norfolk, Virginia  23504
Phone:  757-823-3918
Fax: 757-823-2128
Email: raking () nsu edu
http://security.nsu.edu


-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Steve Brukbacher
Sent: Friday, September 11, 2009 2:42 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] HIPS

We have McAfee available to us now....

--
Steve Brukbacher
University of Wisconsin Milwaukee
Information Security Architect
UWM Computer Security Web Site
www.security.uwm.edu
Phone: 414.229.2224
Main Office: 414.229.1100


----- Original Message -----
From: "Jessica Raymond" <Jessica.Raymond () UNCO EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU
Sent: Friday, September 11, 2009 1:28:46 PM GMT -06:00 US/Canada Central
Subject: Re: [SECURITY] HIPS

What technology are you using?
Jessica L. Raymond, CISSP
IT Security Analyst
Carter Hall
Office 0009-b
(970)351-1420 Office
(970)213-8928 Work Mobile

----- Original Message -----
From: The EDUCAUSE Security Constituent Group Listserv
<SECURITY () LISTSERV EDUCAUSE EDU>
To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU>
Sent: Fri Sep 11 12:25:42 2009
Subject: [SECURITY] HIPS

Anyone finding HIPS truly useful in helping reduce malware infections?
Any tips/strategies?  Things to watch out for?  How are you managing
false positives?

--
Steve Brukbacher, CISSP
University of Wisconsin Milwaukee
Information Security Architect
UWM Computer Security Web Site
www.security.uwm.edu
Phone: 414.229.2224
