The technology aims to combine AV, malware, and network intrusion detection into an intelligent overall security umbrella that covers your entire desktop -- and sometimes server -- landscape. The only problem with HIPS is the same problem you encounter with any "umbrella" technology: When the term becomes a buzzword, everyone scurries to get under and out of the rain -- no matter what they do.
For example, some vendors are trying to label products with single-application support -- for a specific database, say -- as HIPS. That doesn't do it for me. HIPS needs to be broad. To keep me dry, the HIPS umbrella needs to be as diverse as possible, from desktop to network. That includes network-level scanning: port scanning and traffic scanning, preferably. The anti-virus/malware deal is a given, but how deeply -- and for which attacks -- is still evolving. Again, for me, that needs to be as deep as possible.
Perhaps most important for systems administrators is how much impact HIPS will have on network and network application performance. Scanning of any kind adds overhead, and something as broad and smart as a HIPS platform is going to be making some CPUs smoke somewhere. So the big question is: where are those CPUs, and exactly how much smoke are we talking about?
As long as it's not coming out of my users' ears, I'm happy, but somebody needs to show me that in real life. Right now, that question is still up in the air, and as far as I'm concerned, that puts HIPS up in the air -- at least for production-level deployment.