McAfee EPOLICY ORCHESTRATOR 4.0.2 - Guía de usuario Pagina 189
- Pagina / 228
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Detecting Rogue Systems
Unprotected systems are often the weak spot of any security strategy, creating entry points
through which viruses and other potentially harmful programs can access your network. Even
in a managed network environment, some systems might not have an active McAfee Agent on
them. These can be systems that frequently log on and off the network, including test servers,
laptops, or wireless devices.
Rogue System Detection provides real-time detection of rogue systems through use of the
Rogue System Sensor installed throughout your network. The sensor listens to network broadcast
messages and DHCP responses to detect systems connected to the network.
When a sensor detects a system on the network, it sends a message to the ePolicy Orchestrator
server. The server then checks whether the system has an active agent installed and managed.
If the system is unknown to the ePO server, Rogue System Detection provides information to
ePolicy Orchestrator to allow you to take remediation steps, including alerting network and
anti-virus administrators or automatically deploying an agent to the system.
Contents
What are rogue systems
How the Rogue System Sensor works
How detected systems are matched and merged
Rogue System Detection states
Rogue Sensor Blacklist
Rogue System Detection policy settings
Rogue System Detection permission sets
Setting up Rogue System Detection
Configuring Rogue System Detection policy settings
Configuring server settings for Rogue System Detection
Setting up automatic responses to Rogue System Detection events
Working with detected systems
Working with sensors
Working with subnets
Rogue System Detection command-line options
Default Rogue System Detection queries
What are rogue systems
Rogue systems are systems that access your network, but are not managed by your ePO server.
A rogue system can be any device on your network that has a network interface card (NIC).
189McAfee ePolicy Orchestrator 4.0.2 Product Guide
- Product Guide 1
- Contents 3
- The ePO server 13
- Using this guide 14
- Audience 15
- How permission sets work 17
- Contacts 18
- The Audit Log 20
- The Event Log 20
- MyAVERT Security Threats 22
- Working with user accounts 23
- Working with permission sets 24
- Duplicating permission sets 25
- Working with contacts 26
- Working with server settings 27
- Specifying an email server 28
- Viewing the Server Task Log 30
- Filtering the Server Task Log 30
- Working with the Audit Log 31
- Purging the Audit Log 32
- Working with the Event Log 33
- Viewing threat notifications 35
- Deleting threat notifications 35
- The System Tree 39
- Administrator access 40
- Subnets and IP address ranges 41
- Tags and how they work 42
- Systems and structure 44
- Systems only 44
- Criteria-based sorting 45
- How settings affect sorting 46
- IP address sorting criteria 46
- Tag-based sorting criteria 47
- Group order and sorting 47
- Catch-all groups 47
- Working with tags 48
- Creating groups manually 52
- GroupA\system1 54
- GroupA\system2 54
- GroupA\system3 54
- GroupA\system4 54
- Sorting systems manually 56
- Agents and SuperAgents 65
- Agent-server communication 66
- /P command-line option 67
- Agent activity logs 69
- Agent policy settings 69
- Security Keys 71
- Methods of agent distribution 72
- Distributing agents 73
- Installing the agent manually 77
- C:\TEMP 78
- Upgrading existing agents 79
- Removing the agent 81
- Maintaining the agent 82
- Running an update manually 86
- Updating policies 87
- Enforcing policies 87
- Viewing agent settings 87
- Working with security keys 88
- Deleting ASSC keys 91
- Backing up all security keys 93
- Agent command-line options 94
- Creating Repositories 100
- Creating source sites 104
- Extensions and what they do 114
- Policy management 115
- Policy application 116
- Client tasks and what they do 117
- Viewing policy information 118
- Viewing policy ownership 119
- Sales Europe) 122
- Working with policies 123
- Exporting a single policy 124
- Importing policies 125
- Working with client tasks 128
- Editing client tasks 129
- Deleting client tasks 129
- Frequently asked questions 130
- Product and update deployment 133
- Deployment tasks 134
- Update tasks 134
- Global updating 135
- Pull tasks 136
- Replication tasks 137
- Repository selection 137
- Checking in packages manually 138
- Running a Pull Now task 144
- Running a Replicate Now task 146
- Sending Notifications 152
- Throttling and aggregation 153
- Planning 155
- Setting up ePO Notifications 157
- Working with SNMP servers 158
- Duplicating SNMP servers 159
- Editing SNMP servers 159
- Deleting an SNMP server 159
- Importing .MIB files 159
- Adding registered executables 160
- Editing external commands 162
- Deleting external commands 162
- Describing the rule 163
- Setting filters for the rule 164
- Purging the Notifications Log 167
- Product and component list 168
- Querying the Database 170
- Public and personal queries 171
- Query permissions 171
- Query Builder 172
- Multi-server roll-up querying 173
- Registering ePO servers 174
- Working with queries 175
- Running an existing query 176
- Running a query on a schedule 176
- Duplicating queries 178
- Importing queries 179
- Dashboards and how they work 184
- Working with Dashboards 186
- Making a dashboard public 187
- Detecting Rogue Systems 189
- Systems that host sensors 191
- Rogue System Detection states 192
- Overall system status 193
- Rogue System Sensor status 194
- Rogue Sensor Blacklist 195
- Distributing 198
- Detection 199
- Editing sensor settings 200
- Detection events 201
- Working with detected systems 202
- Editing system comments 203
- Exporting the Exceptions list 203
- Merging detected systems 204
- Working with sensors 206
- Installing sensors 207
- Editing sensor descriptions 208
- Removing sensors 209
- Working with subnets 210
- Ignoring subnets 211
- Including subnets 211
- Renaming subnets 211
- Dashboards 213
- -UpdOptiStats 15 215
- Backing up an MSDE database 216
- C:\PROGRAM FILES\MCAFEE\EPO 218
- (continued) 219
Relacionado con productos y manuales para Software McAfee EPOLICY ORCHESTRATOR 4.0.2 -
Software McAfee ENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE Especificaciones
(120 paginas)
(120 paginas)
Software McAfee QUICKCLEAN 1.0 Guía de usuario
(41 paginas)
(41 paginas)
Software McAfee UTILITIES 4.0 Manual de usuario
(11 paginas)
(11 paginas)
Software McAfee QUICKCLEAN 1.0 Manual de usuario
(22 paginas)
(22 paginas)
Software McAfee GUARD DOG 2 Guía de usuario
(128 paginas)
(128 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.042 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales