Windows 7 (64-bit) compatible HIPS?

I've tried running a search, but the information seems scattered across several different threads.

What HIPSes are available for Windows 7? Here's my list so far:
1. Comodo Internet Security
2. PC Tools Firewall
3. Threatfire

By the way, does anyone know of a HIPS that can easily classify new programs into a group? I've been searching for years for something like this.

What I mean is, I'd like to be able to open a program, hit say "A(llow), N(etwork)" on my keyboard and that program will be granted network access.

I find a ton of programs end up asking me 100 popups, that I end up clicking 'trust' anyway, defeating the purpose of a HIPS.

 

WinPatrol is 64 bit compatible.
It's a lightweight HIPS but in my opinion, quite effective.

 

Kaspersky Internet Security.

With KIS you can choose which category to place new applications in. From placing apps on Kasperskys white list and digitally signed applications in the "Trusted" category to placing everything not recognized in the "Untrusted" category, meaning they are blocked from doing anything. I have yet to get anything past this.

 

Did you've no problems with it too? Like, no new software like uncommon games being put there or anything?

 

It's not HIPS it's more like HIDS (Host Intrusion Detection System), you get information about changes with delay not in realtime like in other HIP(Prevention)S cases.

 

I use comodo x64. Unfortunately, it has slightly reduced security compared to x32, but I believe it is no worse than other 64 bit HIPS. When matousec releases results for win 7 x64 we will know for sure. However, I have tested comodo with matuosecs current suite of tests and it only fails at forced user logoff, keyloggers and windows messages. It appears to properly protect all other aspects.

I am very happy with comodo and would recommend it over threatfire and pc tools. Assuming you have the patience to define rules, comodo allows you to easily create predefined sets of rules which you can apply to numerous programs, using them as a starting point. If you want a more automated solution, threatfire is a good compromise. Comodo is better in my opinion if you are willing to take the time to set up rules.

Again, especially because you are on x64, make sure your security model incorporates redundancy.

 

Shadow Defender is x64.

 

SD is not HIPS....

 

Emsisoft has Mamutu currently in beta for x64:

http://support.emsisoft.com/topic/1432-a-squared-anti-malware-5-0-public-beta-has-arrived/

http://support.emsisoft.com/topic/1450-a-squared-anti-malware-5-0-beta-discussion/

 

Comodo Firewall - You can always disable Firewall and use Defense+ & Sandbox. Very strong and quite.

 

I had 100 CPU usage from KA, seems they are having problems still going back a years with avp.exe.

I'd stay away from KA right now!

 

I will recommend Kaspersky Internet Security and WinPatrol as the most effective and x64 compatible HIPS. If anyone feels that KIS should not use 100% CPU, then disable Idle and Rootkit scan. It will never use 100% CPU again except during custom/full scan initiated by you. Do not compromise security due to misconfiguration. Need more help regarding settings of KIS 2011/WinPatrol, please ask here.

 

I also recommend KIS in Interactive Mode, it's the most user-friendly HIPS I've ever seen. Much more quiet than, for example Comodo and Online Armor when I last tried them.

KIS automatically places almost all legitimate programs to the Trusted group without alerting you about anything. For me it has even placed some unofficial game modding tools to the Trusted group since they're listed in it's KSN database. However most malware has a hard time in penetrating KIS. And if KIS places a legitimate application to a restricted group, it's pop-ups have a nice, simple "Make trusted" button.

Also I haven't had any CPU usage problems with KIS 2011. Even with idle and rootkit scans enabled (although with them the I/O is too high for me.. they're easy to disable though).

 

Spyware Terminater is getting a 64 bit version soon.

 

Yes, but that's the free version, the Plus version has realtime.

 

Mamutu is more like a behavior blocker, not a HIPS.

 

in paranoid mode mamutu is or acts similar to a hips programs when it comes to get a frecuent pop up alerts

 

As noted in another thread, I heartily recommend OnlineArmor-Premium . . .

***Online Armor currently runs on WindowsXP SP3 (32bit), Vista SP2 (32bit) and Win7 (32bit & 64bit).

***Capabilities- Online Banking Mode, Kernel Mode Security, Automatic Updates, Web Shield, Phishing Filter, Execution Protection, Termination Protection, Autostart Protection, Firewall, Advanced Mode (HIPS), Keylogger Detection, Import/Export Settings, Tamper Protection, Transparent Blocking, DNS Spoofing Protection, Script/Worm protection, Program Guard
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

By the way - the price of the ++ version of OnlineArmor is presently at least 50% off (there are even higher discounts for certain areas of the world). The added capabilities of the ++ version (in addition to the benefits listed above) are . . .

Antivirus and Antimalware (Ikarus), Rootkit Scanner

 

I'd recommend Spyshelter with it's System Protection module enabled...

 

Agreed, bellgamin. Emsisoft is legendary and adds a protection one could ever dream of. Add OA to that and you're more protected than a nuke facility! But wait... that's the cost of system resources. I was drained back to stonage on system resources but I was happy with the protection (I do test aprox. 50-100 new malware samples each day and I was about 99% safe). It's up to you; protection while being crippled, or a lightning fast computer with 95% protection. It's your choice!

P.S. I forgot I'm posting this on a security forum. Obviously people are going to pick EAM + OA. Legendary.

 

Non non mon ami. OA++ has a full tout-de-suite security. Ergo, EAM would largely be a redundancy-- why bring a lawnmower to go swimming?

 

spy shelter premium all the way

 

threatfire at level 5 is sorta like a hips cause it alerts you on everything.

mamutu and threatfire arent hips, but when they are set to paranoid mode or level 5 sensitivity they can "act" like it

 

i am using outpost firewall pro , WinPatrol and spyshelter with no problems

 

nice setup