2CA Host-Based Intrusion Prevention – CA HIPS Client Dashboard
I deployed the CA Host-Based Intrusion Prevention System in “verbose” mode so that I could see the local console. It can be deployed silently and with no local user interface. Notice that the firewall, intrusion prevention and operating system protection modules are also installed (see “POLICY INFORMATION,” lower left).
The CA HIPS management server uses an application repository to define application files, the trust status of those applications and other application characteristics that are used to generate whitelisting policy.
Managers can see at a glance if client systems have the latest version of firewall, IPS, application repository and OS protection policies in place on the client’s activity screen. However, the activity log can become bloated with operational notices that make it harder to find red flags.
7CA Host-Based Intrusion Prevention – Policies
Setting baseline inbound/outbound policy was a snap with CA HIPS (in yellow), which, along with the monitoring policy, allowed me to get a picture of normal activity on our monitored clients’ systems before implementing more stringent lockdown requirements.
8CA Host-Based Intrusion Prevention – See More Slide Shows Like This One
Oracle Database Users Lock Out Data Leak Security at Oracle OpenWorldby Brian PrinceAnti-virus Suite Features for 2009Browsers and Unsigned Certificatesby Larry SeltzerVirtualization Security 101by Brian Prince