McAfee UTILITIES 4.0 Guía de usuario Pagina 10
- Pagina / 112
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
The two Host Intrusion Prevention policies without a My Default policy, IPS Rules and Trusted
Applications, are called multiple-instance policies because you can assign multiple policy instances
under a single policy. The policy instances are automatically combined into one effective policy.
Figure 1: IPS Rules policy with three policy instances
How policies are applied
Policies are applied to any System Tree group or system by inheritance or assignment.
Inheritance
determines whether the policy settings for any system are taken from its parent.
By default, inheritance is enabled throughout the System Tree. You can break inheritance by
direct policy
assignment
. Host Intrusion Prevention, as managed by ePolicy Orchestrator, enables
you to create policies and assign them without regard to inheritance. When you break this
inheritance by assigning a new policy, all groups and systems below inherit the new policy.
Policy ownership
Each policy is required to have an assigned owner. Ownership ensures that no one can modify
the policy other than the global administrator, the creator of the policy, or the person associated
as the policy owner. Any administrator can use any policy that exists in the catalog, but only
the creator, owner, or global administrator can modify it.
If you assign a policy that you do not own to System Tree groups that you administer, and the
owner of the policy modifies it, all systems to which this policy is assigned receive these
modifications.
TIP: To use and control a policy owned by a different administrator, duplicate the policy, then
assign the duplicate policy.
Policy tracking and tuning
The deployment and management of Host Intrusion Prevention clients are handled from ePolicy
Orchestrator. In the ePO System Tree you can group systems hierarchically by attributes. For
example, you might group a first level by geographic location and a second level by operating
system platform or IP address. McAfee recommends grouping systems by Host Intrusion
Prevention configuration criteria, including system type (server or desktop), use of major
applications (web, database, or mail server), and strategic locations (DMZ or intranet). You can
place systems that fit a common usage profile into a common group on the System Tree. In
fact, you might name a group after its usage profile, for example,
Web Servers
.
With computers grouped in the System Tree according to type, function, or geographic location,
you can easily divide administrative functions along the same lines. With Host Intrusion
Introducing Host Intrusion Prevention 7.0
Policy tracking and tuning
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.010
- Product Guide 1
- Basic protection 8
- Advanced protection 8
- IPS policies 8
- Firewall policies 8
- Policy management 9
- Policy tracking and tuning 10
- Preset protection 11
- Adaptive and learn mode 11
- Dashboards and queries 12
- Managing Your Protection 13
- Management of policies 16
- Where to find policies 17
- Configuring polices 18
- Automatic tuning with clients 19
- Management of systems 20
- Host IPS server tasks 21
- Host IPS protection updates 22
- Checking in update packages 23
- Updating clients with content 23
- Configuring IPS Policies 24
- Behavioral rules 25
- Reactions 26
- Exception rules 26
- Working with IPS signatures 30
- Creating signatures 33
- Creating exception rules 39
- Working with IPS events 40
- Managing IPS events 41
- Managing IPS client rules 43
- Configuring Firewall Policies 45
- Stateful packet filtering 46
- Stateful packet inspection 46
- State table 47
- State table functionality 47
- How firewall rules work 47
- How stateful filtering works 48
- Stateful protocol tracking 49
- Overview of Firewall policies 51
- Firewall client rules 55
- Quarantine policies and rules 55
- 4 Click Save to save changes 60
- Creating firewall rule groups 61
- Configuring General Policies 76
- Unlocking the Windows client 78
- Working with Host Intrusion 81
- Prevention Clients 81
- Creating 85
- System tray icon 86
- Setting client UI options 87
- Client error reporting 88
- Windows client alerts 90
- Responding to Firewall alerts 91
- About the IPS Policy tab 93
- About the Firewall Policy tab 94
- About the Blocked Hosts tab 96
- About the Activity Log tab 98
- Solaris client issues 100
- Client installation issues 100
- Client operations issues 100
- Stopping the Solaris client 101
- Overview of the Linux client 102
- Notes about the Linux client 103
- Linux client issues 103
- Stopping the Linux client 105
- Restarting the Linux client 105
- (continued) 107
Relacionado con productos y manuales para Software McAfee UTILITIES 4.0
Software McAfee QUICKCLEAN 3.0 Guía de usuario
(41 paginas)
(41 paginas)
Software McAfee UNINSTALLER 6.0 Guía de usuario
(99 paginas)
(99 paginas)
Software McAfee QUICKCLEAN 1.0 Guía de instalación
(29 paginas)
(29 paginas)
Software McAfee ENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE Especificaciones
(120 paginas)
(120 paginas)
Software McAfee QUICKCLEAN 1.0 Guía de usuario
(41 paginas)
(41 paginas)
Software McAfee UTILITIES 4.0 Manual de usuario
(11 paginas)
(11 paginas)
Software McAfee QUICKCLEAN 1.0 Manual de usuario
(22 paginas)
(22 paginas)
Software McAfee GUARD DOG 2 Guía de usuario
(128 paginas)
(128 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.123 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales