rgoldman 2 Posted May 13, 2020 Share Posted May 13, 2020 Can someone point me to a good and thorough resource/info on setting up HIPS. I'm testing it with a few devices in learning mode and then policy mode after that but not sure if I'm understanding right. Thanks for any info. Cheers. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,609 Posted May 13, 2020 Administrators Share Posted May 13, 2020 I would not recommend using the policy-based mode. Installed applications update as well as the OS does so you might need to update HIPS rules with each update to keep the applications and the OS in a working state. We recommend using the automatic or smart mode and manually create HIPS rules depending on what you want to achieve. Link to comment Share on other sites More sharing options...
rgoldman 2 Posted May 13, 2020 Author Share Posted May 13, 2020 Understood. I'm leaning towards policy based mode to heavily manage some devices for security. Does policy based mode use file hashes or filenames? Thanks Link to comment Share on other sites More sharing options...
Administrators Marcos 4,609 Posted May 13, 2020 Administrators Share Posted May 13, 2020 HIPS uses paths with file names. Hashes can be used only in exclusions or in ESET Enterprise Inspector to block files with specific SHA1. rgoldman 1 Link to comment Share on other sites More sharing options...
Recommended Posts