Productive Corporation

• Three Threat Protection Technologies in One - CA HIPS blends stand-alone firewall and intrusion detection and prevention capabilities to provide centralized proactive threat protection to counter online threats. This combination offers superior access control, policy enforcement, easy intrusion prevention management and deployment from a central location via a single interface.
• Behavior-based Real-time Protection - System administrators can use key functionality within CA HIPS to learn system behavior and prevent potentially malicious activity. This helps customize environments based on business requirements.
• Enterprise-focused Threat Management Solution - Environments can be protected against security breaches and ensure service continuity by determining what traffic is appropriate, what applications can communicate and even what behaviors and access rights on individual systems will be allowed or blocked. Centralized management functions allow for efficient and effective logging of all relevant events to help with compliance, reporting and investigations.
• USB Port Blocking - USB ports can be locked completely as well as locked out to certain types of USB plug-ins such as; specific make and model USB flash drives, iPod adaptors, NAS devices, etc. 
• Centralized Policy Management - CA HIPS offers excellent centrally-managed policy creation, deployment and maintenance to make ongoing administration of security policy across the enterprise easy and flexible. Access and control levels can be determined and applied to the system, groups of users or to an individual user. Policies can also be set to specific users when they are in specific roles or locations.

CA HIPS Supported Server Platforms:

• Windows 2000 Professional with SP4 Rollup 1
• Windows 2000 Server with SP4 Rollup 1
• Windows 2000 Advanced Server with SP4 Rollup 1
• Windows XP Professional with SP2 (32/64 bit)
• Windows 2003 Server with SP2 (32/64 bit)
• Windows 2008 Server (32/64 bit)

Server Requirements:

• Intel Xeon 3 GHz processor or higher (x86/x64)
• 2 GB RAM
• 80 GB or larger hard disk
• 100/1000mbps network interface card

CA HIPS Suppored Client Platforms:

• Windows 2000 Professional with SP4 Rollup 1
• Windows 2000 Server with SP4 Rollup 1
• Windows 2000 Advanced Server with SP4 Rollup 1
• Windows XP Professional with SP2 or SP3 (32/64 bit)
• Window Vista with and without SP1 (32/64 bit)
• Windows 2003 Server SP2 (32/64 bit)
• Windows 2008 Server (32/64 bit)
• Database Support (for server side):
• Apache Derby 10.3 (included in the installation)
• HSQL 1.8.0
• Microsoft SQL Server 2005
• Microsoft SQL Server 2008

Client Requirements

• 1.6 GHz processor
• 512MB of RAM
• 20 GB or larger hard disk

Java runtime (for server side):

• The Sun J2SE Runtime Environment 1.6 or higher (included on the CD)

Other:

• VMware

Q: What are common external attacks that HIPS helps prevent or protect against?
A: In addition to proactively securing a machines devices and ports; CA HIPS protects machines in the following ways: Firewall (stateful packet inspection bi-directional network firewall).  Intrusion Detection and Prevention (packets and streams scanning and interception).  OS Security, file access, registry access, application start and spawning, COM objects (inner program interfaces), devices access, services, Dll loading, system privileges (inject code, terminate processes).

Q: How do I Deploy HIPS?
A: You first need to create a CA HIPS client installation package on the CA HIPS server.  You then can install HIPS on the clients by using any of the following methods: Install the software on each computer individually.  Install the software using a script that calls the MSI file.  Install the software using a third party software delivery tool.  Note: install the software on a small number of client computers first to test your deployment.

Q: What if I purchased eTrust Firewall?
A: The eTrust Firewall products are being discontinued.  eTrust Firewall Enterprise and Workgroup customers with active maintenance will be given the option of a no charge upgrade.  Customers who previously bought eTrust Firewall, either the Enterprise or Workgroup edition but do not have an active maintenance contract, are eligible for a 50% discount.  

Q: Why should I buy HIPS when a Network Intrusion Prevention System (NIPS) appliance is cheaper?
A: A host-based intrusion prevention is more effective at blocking and containing intrusions and infections at the individual workstation level versus a NIPS system.  NIPS do not focus on an IT environments endpoints, where there is a high risk of threat infection.  Many security experts do consider NIPS and HIPS to be complementary of one another, giving your environment protection at the desktop and network level.

Q: Will HIPS work with my existing anti-virus and anti-spyware products?
A: CA HIPS is designed to complement other vendor's anti-spyware and anti-virus products as well as CA's own portfolio of threat products.

Download the Implementation Guide for CA HIPS r8.1
Format: PDF
Length: 84 pages
Size: 523 KB
Contents Include:

• Server Installation Tasks
• Server Operation Tasks
• Server Configuration Tasks
• External Database Tasks
• Licensing and Registration Tasks 
• Client Installation Tasks
• Troubleshooting

CA also offers an on-line documentation library.  Below are the topics that the library covers, (you will be directed away from our site once you click on a link).  

Best Practices for Deploying CA HIPS

• Installing Microsoft SQL Sever 2005 Express with the CA HIPS Server
• Using the HIPS server to create a client installation package
• Installing the HIPS client using Unicenter SDO
• Policy best practices

Do you need access to tech support in a timely manner for the CA HIPS product? 
We Can Help You - 800.726.4099, help@productivecorp.com, contact us, locate your dedicated Account Executive.