Chapter 6. HIPS Components

Host Intrusion Prevention System (HIPS) products have two essential elements:

  • A software package installed on the endpoint to protect it, called a client or agent.

  • A management infrastructure to manage the agents.

This chapter divides the two major elements into subcomponents, describes them, and illustrates functional approaches for each. Real-world HIPS products are used as practical examples.

Endpoint Agents

Imagine a guard who is assigned to secure the entrance to a building. When someone approaches a protected resource, the guard begins an access control process and stops the person and asks for some form of identification. After the necessary information has been gathered, the guard follows policy and decides whether ...

Get Intrusion Prevention Fundamentals now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.