Educause Security Discussion mailing list archives
Re: HIPS
From: "King, Ronald A." <raking () NSU EDU>
Date: Mon, 14 Sep 2009 10:48:10 -0400
HIPS is installed on both servers and workstations. Ronald King Security Engineer Norfolk State University Marie V. McDemmond Center for Applied Research Suite 401 700 Park Ave. Norfolk, Virginia 23504 Phone: 757-823-3918 Fax: 757-823-2128 Email: raking () nsu edu http://security.nsu.edu -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of dick.jacobson () NDUS EDU Sent: Saturday, September 12, 2009 10:43 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] HIPS Are you talking about server HIPS or endpoint HIPS ? We have been having this discussion for a while.
We use Sophos as our endpoint protection solution. We learned the hard way that HIPS is a valuable addition to protecting the hosts when set to something other than "alert only." Just be prepared to monitor what it blocks/breaks so it can be "authorized." So far, only a few hosts have had anything legit blocked. Ronald King Security Engineer Norfolk State University Marie V. McDemmond Center for Applied Research Suite 401 700 Park Ave. Norfolk, Virginia 23504 Phone: 757-823-3918 Fax: 757-823-2128 Email: raking () nsu edu http://security.nsu.edu -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Steve Brukbacher Sent: Friday, September 11, 2009 2:42 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] HIPS We have McAfee available to us now.... -- Steve Brukbacher University of Wisconsin Milwaukee Information Security Architect UWM Computer Security Web Site www.security.uwm.edu Phone: 414.229.2224 Main Office: 414.229.1100 ----- Original Message ----- From: "Jessica Raymond" <Jessica.Raymond () UNCO EDU> To: SECURITY () LISTSERV EDUCAUSE EDU Sent: Friday, September 11, 2009 1:28:46 PM GMT -06:00 US/Canada Central Subject: Re: [SECURITY] HIPS What technology are you using? Jessica L. Raymond, CISSP IT Security Analyst Carter Hall Office 0009-b (970)351-1420 Office (970)213-8928 Work Mobile ----- Original Message ----- From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> To: SECURITY () LISTSERV EDUCAUSE EDU <SECURITY () LISTSERV EDUCAUSE EDU> Sent: Fri Sep 11 12:25:42 2009 Subject: [SECURITY] HIPS Anyone finding HIPS truly useful in helping reduce malware infections? Any tips/strategies? Things to watch out for? How are you managing false positives? -- Steve Brukbacher, CISSP University of Wisconsin Milwaukee Information Security Architect UWM Computer Security Web Site www.security.uwm.edu Phone: 414.229.2224
Attachment:
smime.p7s
Description:
Current thread:
- HIPS Steve Brukbacher (Sep 11)
- <Possible follow-ups>
- Re: HIPS Raymond, Jessica (Sep 11)
- Re: HIPS Steve Brukbacher (Sep 11)
- Re: HIPS Patrick Ouellette (Sep 11)
- Re: HIPS King, Ronald A. (Sep 11)
- Re: HIPS Theresa Semmens (Sep 11)
- Re: HIPS Raymond, Jessica (Sep 11)
- Re: HIPS dick . jacobson (Sep 12)
- Re: HIPS Raw, Randy (Sep 13)
- Re: HIPS King, Ronald A. (Sep 14)