Topic: which value in tables/procedures of epo4 database can make hip7 client rules...

[bong]

which value in tables/procedures of epo4 database can make hip7 firewall client rules editalbe in clinet side?


Hi,

I use epo4 and hip7
 
I am finding such a table/procedure in epo4 database, a value can make hip7 firewall client rules editable in hip7 client?(I mean if I modify this table/procedure, after enforce rules from epo4, firewall rules can be edited in hip7 client,not as the default way invisable) . anyone can tell me which value in which table/procedue?thanks.

[jheysen]

you mean, direct SQL register editing, or by ePO console?

[bong]

I mean direct SQL register editing, I think by ePO console cannot do this

[jheysen]

well, really you CAN do it by ePO console, indeed I did it once, but I don't remember how x_x

Anyway, are you planning to upgrade your ePO server to 4.5 or 4.6? because EOL for 4.0 is scheduled this year..
As for the ePO method, we can wait for moderator metalmunna who is an expert on the matter, in the meanwhile I'll recheck my ePO configs to see if I can remember how did I achieve that..

[metalmunna]

which value in tables/procedures of epo4 database can make hip7 firewall client rules editalbe in clinet side?


Hi,

I use epo4 and hip7
 
I am finding such a table/procedure in epo4 database, a value can make hip7 firewall client rules editable in hip7 client?(I mean if I modify this table/procedure, after enforce rules from epo4, firewall rules can be edited in hip7 client,not as the default way invisable) . anyone can tell me which value in which table/procedue?thanks.

hi there, if you wanted to mean the client console for HIP7 will show and editable from the client side; then you can do it easily to make visible on client side;

On ePO 4.5;

Menu | Systems | System Tree ... now jump on the right side; under My Organization | Assigned Policies and then from drop down menu ... select "Host Intrusion Prevention; General ", now "Client UI (Windows)", inside this policy you can make visible the HIP console on client side ...

have a good day, that's it ...

[bong]

sorry, I do not mean to show the client console for HIP7. I know the way for this.

I mean now when I enfoce firewall rules from epo4, rules in hip7 client cannot edited/modified even if unlocked the user interface.
Actrually, all settings/configs are stored in tables/procedures of epo4 database, epo console is just a "exterior",what you see in epo console not the turth it works.
I think if I change x value in x table/proceduere, my purpose can be achived.

[metalmunna]

sorry, I do not mean to show the client console for HIP7. I know the way for this.

I mean now when I enfoce firewall rules from epo4, rules in hip7 client cannot edited/modified even if unlocked the user interface.
Actrually, all settings/configs are stored in tables/procedures of epo4 database, epo console is just a "exterior",what you see in epo console not the turth it works.
I think if I change x value in x table/proceduere, my purpose can be achived.

the thing you want that's not possible if deployed by ePO and if HIP rules editable from the client console then there has no need to deploy through ePO and no need to centralize management. do you understand what i wanted to mean? by whole sense McAfee didn't keep that way for the client if deployed through ePO nor there has no security coz client can break the rules ...

if you need to edit the rules from client side then install the HIP directly on the client system, just not deploy through ePO.

[bong]

not powssible? maybe,or not....

I prefer modifing database to using epo console just because epo console didn't keep that way for the client and I don't want one of my pc to be centralize managed. But I need epo console to collect this client firewall rules for exporting,saving,modifing and then importing,enfocing to client for the use of next time. Why so complicated? because HIP client itself cannot save firewall rules to a file for backup whether it installed directly or not. modifing database just like a "hack" to reach the goal. for example:

In epo console,all "mcafee default" rules are not editalbe,deletable, but I had found a table in epo database, after changed some values in it can turn "mcafee deault" rules editable and deletable.

by the way, if you know how to save hip client firewall rules by other means, I do not need to do things above and kick epo away immediately.

[metalmunna]

no, i'm sorry ... i have no idea. but you can exclude that client from the ePO and manually install the HIP on there .. that's the simple and easiest way ..

[malmoussy]

what do you mean "get along a format war" how can you have a format war when someone produces a much higher quality format and everyone realizes it?