Skip navigation
469 Views 2 Replies Latest reply: Apr 11, 2012 7:48 AM by jdfed RSS
ITBlogger Rookie 36 posts since
Jan 23, 2012

Has received 1 of 9 achievements.
Currently Being Moderated

Apr 6, 2012 11:43 AM

Multiple systems popping up error with LANDesk HIPS

Hi All,

 

I'm going to open up a trouble ticket after creating this post, but wanted to see if anyone is having the same issue.

 

We are running LANDesk Security Suite and Management Suite 9 SP3.

 

We have Endpoint Security, Device Control and HIPS installed on all of our agents, but they are currently not doing anything. Eventually we want to at least use the Device Control to limit what can be done with CD/DVD drives and USB ports and perhaps also use the application whitelisting, but all of that is currently turned off, but installed.

 

It's all installed so we don't have to deal with reinstalling the agent later and causing reboots to production systems.

 

The only problem is that some systems are occassionally popping up a window with the error "LANDesk Host Intrusion Prevention has stopped working" and the only choice is to "Close the program".

 

Unfortunately, I don't see anything in the event logs or LANDesk logs that help diagnose this issue.

 

And considering that we need users to trust this product and that we are running it on production systems, it can't be this buggy.

 

Anyhow, it would be interesting to see if anyone else is having this problem. I was quite surprised that I got zero hits when searching for the exact error.

 

I've attached a JPEG of the error.

Attachments:
  • Peter Lee Apprentice 107 posts since
    Aug 23, 2009

    Has received 1 of 9 achievements.

    I do have the same issue with SP2. I did install the agent with End-Security enabled which without carrying restrict policy. I hope someone from LANDesk can tell how this happen and how to resolve.

     

    Thanks.

  • jdfed Rookie 13 posts since
    Mar 2, 2011

    Has received 1 of 9 achievements.

    It's not just you...we reported troubling behavior with EPS (Endpoint Security) after SP3 and a new agent rollout to LANDesk Support, and it is something they are now aware of and actively trying to resolve.

     

    Our new SP3 agent (deployed to a small group - 250 clients) had the Firewall "learning mode" turned on, but the other EPS settings - HIPS and Device Control - disabled. Some clients had HIPS turned on anyway (with pop-ups and blocks), and others registered blocked CD's. Very disturbing to see this when the agent config settings (and default HIPS and DC settings) call for neither to be turned on.

     

    While we wait for the fix, I had no choice but to create a new agent, disabling all EPS settings. I'm hoping this works as a temporary band-aid. I'll update next week to let you know if it worked.

More Like This

  • Retrieving data ...

Bookmarked By (1)

Legend

  • Correct Answers - 20 points
  • Helpful Answers - 10 points
LANDESK Community powered by Jive SBS® 4.5.7.1  |  Legal Notices  |  Privacy Policy  |  Icon 

TweeterOn Twitter  |  Icon FacebookOn Facebook © 2007 LANDESK Software