Productive Corporation

• Three Threat Protection Technologies in One - CA HIPS blends stand-alone firewall and intrusion detection and prevention capabilities to provide centralized proactive threat protection to counter online threats. This combination offers superior access control, policy enforcement, easy intrusion prevention management and deployment from a central location via a single interface.
• Behavior-based Real-time Protection - System administrators can use key functionality within CA HIPS to learn system behavior and prevent potentially malicious activity. This helps customize environments based on business requirements.
• Enterprise-focused Threat Management Solution - Environments can be protected against security breaches and ensure service continuity by determining what traffic is appropriate, what applications can communicate and even what behaviors and access rights on individual systems will be allowed or blocked. Centralized management functions allow for efficient and effective logging of all relevant events to help with compliance, reporting and investigations.
• Centralized Policy Management - CA HIPS offers excellent centrally-managed policy creation, deployment and maintenance to make ongoing administration of security policy across the enterprise easy and flexible. Access and control levels can be determined and applied to the system, groups of users or to an individual user. Policies can also be set to specific users when they are in specific roles or locations.

Client Platforms

• Platform: 1.6 GHz Processor
• Memory: Minimum of 512 MB RAM
• Disk size: 20GB
• Media: CD-ROM
• Network Interface: one standard NIC
• Windows 2000 Profesional with SP3 or SP4
• Windows 2000 Server with SP3 or SP4
• Windows 2000 Advanced Server with SP3 or SP4
• Windows XP Professional with SP1 or SP2 (32 bit edition only)
• Windows 2003 Server Standard without SP or SP1 (32 bit editon only)
• Windows 2003 Server Enterprise Edition without SP or with SP1 (32 bit edition only)

Server Platforms

• Platform: Intel Xeon 3000 MHz Processor (or equivalent)
• Memory: Minimum of 2GB RAM
• Disk Size: 80 GB SATA-II
• Network Interface: 10/100 mbps
• Windows 2000 Professional with SP4
• Windows 2000 Server with SP4
• Windows 2000 Advanced Server with SP4
• Windows XP Professional with SP2 (32-bit edition only)
• Windows 2003 Server Standard with SP1 (32-bit edition only)
• Windows 2003 Server Enterprise Edition with SP1 (32-bit edition only)

Q: What are common external attacks that HIPS helps prevent or protect against?
A: In addition to proactively securing a machines devices and ports; CA HIPS protects machines in the following ways: Firewall (stateful packet inspection bi-directional network firewall).  Intrusion Detection and Prevention (packets and streams scanning and interception).  OS Security, file access, registry access, application start and spawning, COM objects (inner program interfaces), devices access, services, Dll loading, system privileges (inject code, terminate processes).

Q: How do I Deploy HIPS?
A: You first need to create a CA HIPS client installation package on the CA HIPS server.  You then can install HIPS on the clients by using any of the following methods: Install the software on each computer individually.  Install the software using a script that calls the MSI file.  Install the software using a third party software delivery tool.  Note: install the software on a small number of client computers first to test your deployment.

Q: What if I purchased eTrust Firewall?
A: The eTrust Firewall products are being discontinued.  eTrust Firewall Enterprise and Workgroup customers with active maintenance will be given the option of a no charge upgrade.  Customers who previously bought eTrust Firewall, either the Enterprise or Workgroup edition but do not have an active maintenance contract, are eligible for a 50% discount.  

Q: Why should I buy HIPS when a Network Intrusion Prevention System (NIPS) appliance is cheaper?
A: A host-based intrusion prevention is more effective at blocking and containing intrusions and infections at the individual workstation level versus a NIPS system.  NIPS do not focus on an IT environments endpoints, where there is a high risk of threat infection.  Many security experts do consider NIPS and HIPS to be complementary of one another, giving your environment protection at the desktop and network level.

Q: Will HIPS work with my existing anti-virus and anti-spyware products?
A: CA HIPS is designed to complement other vendor's anti-spyware and anti-virus products as well as CA's own portfolio of threat products.