McAfee Product Management Statement - Impact of NDIS drivers during Host Intrusion Prevention installation
Technical Articles ID:
KB59945
Last Modified: 8/21/2020
Last Modified: 8/21/2020
McAfee Product Management Statement - Impact of NDIS drivers during Host Intrusion Prevention installation
Technical Articles ID:
KB59945
Last Modified: 8/21/2020 Environment
McAfee Endpoint Security Firewall (ENS) 10.5.x, 10.6.x McAfee Host Intrusion Prevention (Host IPS) 8.0 Problem
Loss of network connectivity during Host Intrusion Prevention (Host IPS) installation.
SolutionIMPORTANT: The below explanation about the use of an NDIS intermediate driver also applies to ENS Firewall.
A major component of Host IPS is the host firewall. Like all modern host-based firewalls, Host IPS 8.x uses an NDIS intermediate driver to perform network filtering operations at packet level. When Host IPS is installed, the insertion of the firewall’s NDIS driver causes Microsoft Windows to tear down and rebuild the IP stacks on connected interfaces. This behavior causes some applications to generate error messages or loose connection during the temporary loss of connectivity. Previous versions of Host IPS used With NDIS 5.0, supported on XP and prior Windows versions, when an NDIS intermediate driver is installed or uninstalled, the bindings in the driver stack are torn down and later rebuilt. As a result, it leads to loss of network connectivity across all network interface cards. NDIS 6.0, supported on Windows, provides several enhancements over 5.0 including the following:
NDIS support for Host IPS 8.x:
Affected ProductsGlossary of Technical Terms |
|