
DAT files and how they work
When the scanning engine searches through files looking for threats, it compares the contents
of the scanned files to known threat information stored in the detection definition (DAT) files.
The known threat information, called signatures, is information McAfee Labs has found and
added to the DAT files.
Besides the signatures, the DAT files also include information on how to clean and counteract
the damage created by the detected virus. That is why it is so important to download the most
recent version of the DAT file used by VirusScan Enterprise.
CAUTION: If the signature of a certain virus is not contained in any of the DAT files you have
installed, that virus will not be detected by the scanning engine. Also, the scanning engine must
be the latest version to be able to fully utilize the latest DAT files.
VirusScan Enterprise also uses heuristics, called Artemis, to check for suspicious files along with
the DAT files. Refer to How Artemis works for more information.
The various DAT files are stored at the following path:
\Program Files\Common Files\McAfee\Engine
The importance of an update strategy
The importance of an update strategy cannot be overstated. Without the latest DAT files and
scanning engine installed on your system, it is not fully protected from the latest viruses. There
has been an unprecedented rise in the number, propagation rate, and prevalence of new
malware. In addition, the growing amount of adware and spyware requires more consistent
and available detection and removal.
McAfee Labs releases DAT file updates at about 6:00 PM (GMT) almost every day. Naturally,
outbreaks will still occur at awkward times and require emergency releases. When a daily DAT
is released early, to pre-empt a potential outbreak, no second DAT is released that day at the
normally scheduled time, unless another emergency situation requires one.
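The following PowerShell check is an added example, not part of the product guide or of McAfee's tooling. It compares the newest DAT file in the Engine directory against the most recent 6:00 PM (GMT) release slot described above. It assumes DAT files carry a .dat extension and that a file's last-write time approximates when the host last took an update; the function name, parameters and tolerance are hypothetical, and the path may sit under a different Program Files root on your systems.

```powershell
# Added example: flag a host whose DAT files look stale.
# Assumptions: DAT files end in .dat, and their last-write time reflects
# the last successful update on this host.
function Get-DatFreshness {
    param(
        [string]$EnginePath = (Join-Path $env:ProgramFiles 'Common Files\McAfee\Engine'),
        [int]$MaxMissedReleases = 2,      # tolerance: releases are "almost" daily
        [datetime]$NowUtc = [datetime]::UtcNow
    )

    if (-not (Test-Path -LiteralPath $EnginePath)) {
        throw "Engine directory not found: $EnginePath"
    }

    $dats = @(Get-ChildItem -LiteralPath $EnginePath -Filter '*.dat' -File)
    if ($dats.Count -eq 0) {
        throw "No DAT files found in $EnginePath"
    }

    # Most recent scheduled release slot: 18:00 GMT today, or yesterday's
    # slot if today's has not been reached yet.
    $lastSlot = $NowUtc.Date.AddHours(18)
    if ($NowUtc -lt $lastSlot) { $lastSlot = $lastSlot.AddDays(-1) }

    $newest = $dats | Sort-Object LastWriteTimeUtc -Descending | Select-Object -First 1

    # Count the scheduled slots that have passed since the newest DAT was written.
    $missed = 0
    if ($newest.LastWriteTimeUtc -lt $lastSlot) {
        $missed = [int][math]::Ceiling(($lastSlot - $newest.LastWriteTimeUtc).TotalDays)
    }

    [pscustomobject]@{
        EnginePath     = $EnginePath
        NewestDat      = $newest.Name
        NewestWriteUtc = $newest.LastWriteTimeUtc
        LastReleaseUtc = $lastSlot
        MissedReleases = $missed
        Stale          = ($missed -gt $MaxMissedReleases)
    }
}

Get-DatFreshness | Format-List
```

Because emergency releases can arrive outside the daily slot, a host reported as current by this check can still be one DAT behind; treat the result as a lower bound on staleness.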
How an update strategy is determined
You can update the DAT files and scanning engine used by VirusScan Enterprise in many ways.
You can use AutoUpdate tasks, manual updates, login scripts, or scheduled updates
with management tools.
Using an update task allows you to:
• Schedule network-wide DAT file rollouts — You might stagger your update tasks, or
set a schedule that phases in DAT file updates to different parts of the network at convenient
times and with minimal intervention from administrators or network users.
• Split duties for rollout administration — To increase network bandwidth efficiency, use
different servers or domain controllers, among different regions of wide-area networks, or
across other network divisions to keep update traffic primarily internal. This can also reduce
the potential for network security breaches.
• Reduce the waiting time required to download new DAT or upgraded engine files
— Traffic on McAfee computers increases dramatically on regular DAT file publishing dates
and whenever new product versions are available. Avoiding the competition for network
bandwidth enables you to deploy your new software with minimal interruptions.
Part I - Prevention: Avoiding Threats
Updating detection definitions
McAfee VirusScan Enterprise 8.8 Product Guide