33
White Paper Access Protection in McAfee VirusScan Enterprise and
Host Intrusion Prevention
Access Protection in VirusScan Enterprise
A key component of VSE, Access Protection gives you flexibility to limit potential outbreak damage, even
before a .DAT file is issued. You can also close ports, monitor applications and email engines, block files
and directories, and trace and block infection sources.
Access Protection prevents unwanted changes to your computer by restricting access to specified ports,
files and folders, shares, and registry keys and values. It prevents users from stopping McAfee processes
and services, which are critical before and during outbreaks.
Access Protection for VSE uses predefined and user-defined rules to strengthen systems against virus
attacks. For instance, rules are used to specify which items can and cannot be accessed. Each rule can be
configured to block and/or report access violations when they occur, and rules can also be disabled.
The goal of this white paper is to provide an in-depth look at Access Protection and the importance and
detail of the rules, which are organized into categories based on their function. The paper will explain
the advantages and risks for Access Protection features, enabling you to determine which settings are
optimal for your environment.
Extending Access Protection with McAfee Host Intrusion Prevention
The November 2008 content release for McAfee Host Intrusion Prevention (Host IPS) included new
signatures that effectively duplicate the functionality of VSE’s Access Protection rules. For greater control
and flexibility, many customers have asked for the ability to manage these protections within Host IPS.
The new signatures are disabled by default and set to log only in Host IPS to prevent accidental changes
in your security posture and preferences. This white paper describes which Host IPS signatures map to
VSE rules where applicable.
McAfee
®
VirusScan
®
Enterprise (VSE) 8.7i, the leading enterprise-class anti-virus
software solution, uses true on-access scanning to identify, proactively block, and
safely eliminate viruses and potentially unwanted programs (PUPs) for optimal
business availability. Centrally managed with McAfee ePolicy Orchestrator
®
(ePO™)
and scalable for businesses of any size, VSE enhances the security of your company’s
computing systems by protecting them from programs that may be watching,
recording, and externally transmitting sensitive company information.
Securing networks against a wide range of threats—viruses, spyware, worms, rootkits,
and Trojans—is more challenging than ever. Whether you are a global enterprise or
a small or medium-sized business that has a full-time security staff, VSE ensures that
your endpoint servers, desktops, and laptops remain malware free. VSE proactively
stops and removes threats, extends coverage for new security risks, and reduces the
cost of managing outbreak responses. It even stops zero-day threats and mitigates
your window of vulnerability without an update.
(122 paginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales