HIPS

HIPS protection resides on individual systems such as servers, workstations or notebooks. The Host Intrusion Prevention agent delivers protection by inspecting traffic flowing into or out of a system and examining the behavior of the applications and operating system for attacks. When an attack is detected, the agent can block it at the network segment connection, or can issue commands to the application or operating system to stop the behavior initiated by the attack. For example, buffer overflow is prevented by blocking malicious programs inserted into the address space exploited by an attack. Installation of back door programs with applications like Internet Explorer is blocked by intercepting and denying the application’s “write file” command.

Benefits of Host IPS

Copyright © 2006 McAfee, Inc. All Rights Reserved.