SEP 12.1.2 IPS not installed but IE and FF add-on is enabled
We have just deployed the 12.1.2 server update and client update and I created a new package to send to all endpoints. In the package I included the firewall but not the Intrusion Prevention. Does this mean that even though the IPS is not installed for the clients the add-on is still on the machines? Is it part of the Network Threat Protection or just the IPS? When I look at the protection technology on all clients in the management console it show that the intrusion prevention for IE and FF is not installed but yet the add-on is installed for all clients anyway and IE9 asks to enable/disable the add-on.
Is this what was supposed to happen even without the IPS installed and only the Firewall installed? If it is part of the Network Threat Protection and I create a new IPS policy, can the add-on be enabled by default without user intervention?
Comments 2 Comments • Jump to latest comment
Yes it is separate from IPS component.You can disable from within the IPS policy. See here for all the info:
Expected behavior of Browser Intrusion Prevention
Note that disabling the Browser Intrusion Prevention by policy in this manner does not actually disable the add-on within the the browser. Instead what occurs is that the add-on enters, essentially, a passthrough mode in which it should perform no filtering.
SEP Knowledge Base
Endpoint SWAT
You can deselect the browser intrusion prevention from the IPS policy assigned to that client - the addon though still will be visible in the browser - now working only in pass-through mode and allowing everything.
The is currently no way of deselecting it from install package - as it would require disabling other features.
Alternatively you should be able to disable the addons as well from the level of the Browser itself.
Would you like to reply?
Login or Register to post your comment.