I found this post on a antivirus forum: http://www.wilderssecurity.com/showthread.php?t=341736
The posters quoted a Norton help screen where Norton states that many of the HIPS protection features in its firewall do not work on X64 system - I will post the quoted Norton help file below.
I was planning to get NIS when my NAV subscription ends in less than 30 days to gain the firewall but if many of the HIPS protection will not work on my Windows 7 X64 system, it does not sound like I am really gaining anything - opinions?
The Norton Help file that was quoted (with the X64 exclusions bolded.)
Advanced Events Monitoring
When you are connected to the Internet, there are various ways by which intruders can gain unauthorized access to your computer.
Intruders can gain access to your computer in the following ways without causing firewall alerts to appear:
- Launching and manipulating safe programs without your knowledge
- Attaching to a safe program without getting detected
- Launching trusted applications in hidden mode through command-line parameters
- Injecting code into other applications' processes
- Modifying the URL of an Internet browser through Windows messages
- Bypassing firewall inspections by penetrating the Windows TCP/IP layer to send and receive data
- Using the documented interfaces that Windows Active Desktop provides to transmit data outside the network
- Using keylogger programs to monitor the keystrokes of a computer user, thereby gaining access to a user's personal information
- Instantiating controlled COM objects to manipulate an application's behavior
The Advanced Events Monitoring settings consist of the following categories that provide your computer with advanced protection:
Program Component
Monitors the malicious programs that launch Internet-enabled programs.
Program Launch
Monitors the malicious programs that attach to safe programs without being detected.
Command Line Execution
Monitors the Trojan horses or malicious programs that launch trusted applications in hidden mode through command-line parameters.
Code Injection
Monitors the Trojan horses or malicious programs that inject code into an application's process without triggering firewall alerts.
This category is not available if you use 64-bit version of Windows.
Window Messages
Monitors the Trojan horses and other malicious programs that manipulate an application's behavior to connect to the Internet without triggering firewall alerts.
This category is not available if you use 64-bit version of Windows.
Direct Network Access
Monitors the Trojan horses and other malicious programs that bypass network traffic.
These programs penetrate the Windows TCP/IP layer to send and receive data without triggering firewall alerts.
Active Desktop Change
Monitors the malicious programs that use the documented interfaces that the trusted applications provide to transmit data outside the network without triggering firewall alerts.
This category is not available if you use 64-bit version of Windows.
Key Logger Monitor
Monitors the malicious keylogger programs that access personal information of a user on a particular computer by monitoring their keystroke activities.
This category is not available if you use 64-bit version of Windows.
COM Control
Monitors the malicious programs that manipulate an application's behavior by instantiating controlled COM objects.
This category is not available if you use 64-bit version of Windows.
When you are connected to the Internet, there are various ways by which intruders can gain unauthorized access to your computer.
Intruders can gain access to your computer in the following ways without causing firewall alerts to appear:
- Launching and manipulating safe programs without your knowledge
- Attaching to a safe program without getting detected
- Launching trusted applications in hidden mode through command-line parameters
- Injecting code into other applications' processes
- Modifying the URL of an Internet browser through Windows messages
- Bypassing firewall inspections by penetrating the Windows TCP/IP layer to send and receive data
- Using the documented interfaces that Windows Active Desktop provides to transmit data outside the network
- Using keylogger programs to monitor the keystrokes of a computer user, thereby gaining access to a user's personal information
- Instantiating controlled COM objects to manipulate an application's behavior
The Advanced Events Monitoring settings consist of the following categories that provide your computer with advanced protection:
Program Component
Monitors the malicious programs that launch Internet-enabled programs.
Program Launch
Monitors the malicious programs that attach to safe programs without being detected.
Command Line Execution
Monitors the Trojan horses or malicious programs that launch trusted applications in hidden mode through command-line parameters.
Code Injection
Monitors the Trojan horses or malicious programs that inject code into an application's process without triggering firewall alerts.
This category is not available if you use 64-bit version of Windows.
Window Messages
Monitors the Trojan horses and other malicious programs that manipulate an application's behavior to connect to the Internet without triggering firewall alerts.
This category is not available if you use 64-bit version of Windows.
Direct Network Access
Monitors the Trojan horses and other malicious programs that bypass network traffic.
These programs penetrate the Windows TCP/IP layer to send and receive data without triggering firewall alerts.
Active Desktop Change
Monitors the malicious programs that use the documented interfaces that the trusted applications provide to transmit data outside the network without triggering firewall alerts.
This category is not available if you use 64-bit version of Windows.
Key Logger Monitor
Monitors the malicious keylogger programs that access personal information of a user on a particular computer by monitoring their keystroke activities.
This category is not available if you use 64-bit version of Windows.
COM Control
Monitors the malicious programs that manipulate an application's behavior by instantiating controlled COM objects.
This category is not available if you use 64-bit version of Windows.