Install the Host Intrusion Prevention System (HIPS) Module
An XCCDF Rule
Description
Install the McAfee Host Intrusion Prevention System (HIPS) Module if it is absolutely necessary. If SELinux is enabled, do not install or enable this module.
warning alert: Functionality Warning
Installing and enabling this module conflicts with SELinux.
Per DoD/DISA guidance, SELinux takes precedence over this module.
warning alert: Warning
Due to McAfee HIPS being 3rd party software, automated
remediation is not available for this configuration check.
Rationale
Without a host-based intrusion detection tool, there is no system-level defense when an intruder gains access to a system or network. Additionally, a host-based intrusion prevention tool can provide methods to immediately lock out detected intrusion attempts.
- ID
- xccdf_org.ssgproject.content_rule_package_MFEhiplsm_installed
- Severity
- Medium
- References
-
A.10.1.1
A.11.1.4
A.11.1.5
A.11.2.1
A.12.1.1
A.12.1.2
A.12.4.1
A.12.4.3
A.12.5.1
A.12.6.1
A.12.6.2
A.13.1.1
A.13.1.2
A.13.1.3
A.13.2.1
A.13.2.3
A.13.2.4
A.14.1.2
A.14.1.3
A.14.2.7
A.14.2.8
A.15.2.1
A.16.1.1
A.16.1.2
A.16.1.3
A.16.1.4
A.16.1.5
A.16.1.6
A.16.1.7
A.18.1.4
A.18.2.2
A.18.2.3
A.6.1.2
A.7.1.1
A.7.1.2
A.7.3.1
A.8.2.2
A.8.2.3
A.9.1.1
A.9.1.2
A.9.2.3
A.9.4.1
A.9.4.4
A.9.4.5
Clause 16.1.2
Clause 7.4
- Updated