McAfee SC version 11.6
VirusScan 15.6
Firewall 12.6
Hi Guys,
Just got updated to the above last night, and notice a new option in the firewall settings, Intrusion Protection. I can't find much info on what it does exactly, and hope you can answer a couple of questions.
I had at first set it to High, but after doing so, I (coincidentally?) had 2 system lockups, both requiring a hard restart, and today a mcafee buffer overflow alert for IE9. I've now disabled Intrusion Protection, and so far all is good.
(No 3rd party addons in IE9, only mcafee script scanner, and no other security software present except for Sandboxie)
Thanks,
RD.
Solved! Go to Solution.
We finally got a response from the team developing this to the effect that:
I.P. is a new feature for Consumer (integrated from Enterprise products) and we had concerns about compatibility with all of the 3rd party apps that are available in the Consumer environment (vs. an Enterprise environment which is usually locked down to very specific and approved applications). IOW, we’ve made it available for those customers who are very concerned about their network security, but didn’t turn it on until the Beta product reveals no issues.
So basically it's your call if you want to enable it now.
Message was edited by: Ex_Brit on 26/10/12 10:57:54 EDT AMI have emailed my contact at McAfee as I have no idea what it is and why it's turned off by default. I assume it's similar to HIP's in Enterprise. I'll get back to you.
Meanwhile all I can quote is what the SecurityCenter Help states: Prevents your computer from being accessed and manipulated against your will.
It could clash with other in-place Windows safeguards so am checking that.
.
My McAfee contact has confirmed it's just like HIPs in Enterprise and quoted the Wiktionary definition:
Comparison with firewalls
Though they both relate to network security, an intrusion detection system (IDS) differs from a firewall in that a firewall looks outwardly for intrusions in order to stop them from happening. Firewalls limit access between networks to prevent intrusion and do not signal an attack from inside the network. An IDS evaluates a suspected intrusion once it has taken place and signals an alarm. An IDS also watches for attacks that originate from within a system. This is traditionally achieved by examining network communications, identifying heuristics and patterns (often known as signatures) of common computer attacks, and taking action to alert operators. A system that terminates connections is called an intrusion prevention system, and is another form of an application layer firewall.
He also states it should be on by default, well it was off in my system and can only assume that another process I use did that, but what process I have no idea. Maybe I saw a popup and told it to not warn me again and that probably did it. We do these things almost unconciously then wonder why things are the way they are afterwards because we forget.
I've turned mine on to see what happens.
Hi Peter,
Thanks for your help .
It seems the system lockups I was getting are unrelated, still got a couple after uninstalling mcafee .
Strange that your contact says Intrusion Protection should be enabled by default, I performed 2 clean mcafee installs, and Intrusion Protection was disabled in both instances. Even clicking on restore firewall defaults, sets Intrusion Protection to disabled .
Anyhow I'll have to leave this for now, gotta try and track down the cause of those system lockups.
Stay well, my friend ,
RD.
Thanks for confirming I wasn't losing my mind as I was also sure it was disabled by default. I will pass that back.
Good luck with your system glitches.
We finally got a response from the team developing this to the effect that:
I.P. is a new feature for Consumer (integrated from Enterprise products) and we had concerns about compatibility with all of the 3rd party apps that are available in the Consumer environment (vs. an Enterprise environment which is usually locked down to very specific and approved applications). IOW, we’ve made it available for those customers who are very concerned about their network security, but didn’t turn it on until the Beta product reveals no issues.
So basically it's your call if you want to enable it now.
Message was edited by: Ex_Brit on 26/10/12 10:57:54 EDT AMThanks very much for the follow up, Peter . Once I reinstall mcafee, I'll give IP another look, and see how things go.
All the best,
RD.
OK, good luck 😉
Seven years later Intrusion Detection is STILL not switched on the default of RECOMMENDED.
What on earth is going on? Is it recommended or not?
The last time it was there were issues. See if a mod can post more if not post back and I will ask elsewhere
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: