Last Modified: 4/28/2016
- Apply the appropriate exceptions to your named policy for Host IPS before installing the OS update in your production environment.
- Apply the exceptions to the Host IPS policy before installing an OS patch or SP while the Host IPS client has IPS enabled and running in Prevent High severity reaction mode.
The syntax for applying the exceptions should be defined as drive:\*\i386\update\update.exe
NOTE: The * wildcard is for the dynamically created parent folder (for example: d:\813959b0c311cb6685d\i386\update\update.exe).
Steps to perform before applying an OS patch or SP to a Host IPS client running in Prevent High severity reaction mode:
Apply the OS patch or SP on a selected test computer in Warning mode to identify any events that may be triggered.
Create appropriate exceptions and re-test to ensure no other signatures are triggered.
Apply exceptions to production Host IPS clients before rolling out patch updates.
See PD22894 - Host Intrusion Prevention 8.0 Product Guide for more details on this feature.