Adding a HIPS Agent Policy

You can add a policy to manage the HIPS agents.

1. Select Policy from the main menu on the top side of the web screen.
2. Select Policy > Security Program Policy tab.
3. Click Add > HIPS/FW Policy > HIPS Agent Policy. Set required information in Agent.
4. On the Agent tab, you can configure the settings you need for the agent. First enter the interval for checking the integrity of the agent.
5. Select the Enable HIPS Self-Defense checkbox to protect other programs from accessing the install folder, process or registry of the HIPS agent.
6. Select to Use HIPS Watchdog service to check for any abnormal behaviors on the agent.
7. Specify whether to allow the user to uninstall the agent. Available values are: Allow after password input, Always allow or Always deny.
8. Specify the settings for log retention including the maximum length and size of storing the logs.
9. Click Save and go to the Update settings tab.
10. To automatically check for the agent updates, select the Enable automatic updates checkbox and specify the interval for checking for updates.
11. You can also enable updates to occur at a regular interval. To do so, select the Enable scheduled updates checkbox and select the repetition interval.
12. In case the agent fails to connect to the server for updates, specify the maximum limit for retrying the update under Update Retry. You can enter a value between 1 and 99.
13. Click Save and go to the Network Engine settings tab.
14. Select the mode for processing the packets of the network engine.

• Inline: Processes the packet directly. This is the generally used mode.
• Tab: Processes the packet separately after copying the packet. This mode reduces traffic by minimizing delays and conducts detection only.
• Bypass: Processes the packet by bypassing the engine during an emergency such as engine failures and network failures.

14. Select the Enable oversubscription checkbox to process packets by forwarding any volumes that exceed the amount that can be handled by the IPS. This feature allows a stable processing of packets.

15.  Click Save and go to the Internal Network settings tab.
16. To set an internal network to apply the IPS and firewall policy, click Add.
17.  Enter a name for the network and the IP address in the IPv4, IPv6, CIDR, or IP range format. E.g. 192.168.0.12, 2002:9b3d:1a32:4:208:74ff:fe39:6c43
18. Enter a description for the network and click OK to add to the list.
19. Click Save and go to the Exception IP settings tab.
20. To exclude an IP from the IPS and firewall policy, click Add.
21. Enter a name for the IP and the IP address in the IPv4, IPv6, or CIDR format. E.g. 192.168.0.12, 2002:9b3d:1a32:4:208:74ff:fe39:6c43.
22. Enter a description for the IP and click OK to add to the exceptions.
23.  Click Save.