McAfee UTILITIES 4.0 Guía de usuario Pagina 21
- Pagina / 112
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Host IPS server tasks
Host Intrusion Prevention provides a single server task that enables review and promotion of
client rules to administrative policy.
Property Translator
The Property Translator server task translates Host Intrusion Prevention client rules that are
stored in the ePolicy Orchestrator database to handle Host Intrusion Prevention sorting, grouping,
and filtering of data. This task, which runs automatically every 15 minutes and requires no user
interaction. You can, however, select it and run it immediately if needed. For more information
on server tasks, see the ePolicy Orchestrator 4.0 documentation.
Notifications for Host IPS events
Notifications can alert you to any events that occur on Host Intrusion Prevention client systems.
You can configure rules to send email or SNMP traps, or run external commands when specific
events are received and processed by the ePolicy Orchestrator server. You can specify the event
categories that generate a notification message and the frequency that notifications are sent.
For complete details, see the ePolicy Orchestrator 4.0 documentation.
How notifications work
In the Host Intrusion Prevention environment, when events occur they are delivered to the
ePolicy Orchestrator server. Notification rules are associated with the group or site that contains
the affected systems, and are applied to the events. If the conditions of a rule are met, a
notification message is sent,or an external command is run, as specified by the rule.
You can configure independent rules at different levels of the System Tree. You can also configure
when notification messages are sent by setting thresholds that are based on aggregation and
throttling.
ePolicy Orchestrator provides default rules that you can enable for immediate use. Before
enabling any of the default rules:
1 Specify the email server from which the notification messages are sent.
2 Check that the recipient email address is the one you want to receive email messages.
Notification rules
You can create rules for many event categories, including:
• Policy enforcement failed• Access Protection rule violation detected
and blocked
• Repository update or replication failed
• Access Protection rule violation detected
and NOT blocked
• Software deployment failed
• Software deployment succeeded
• Computer placed in quarantine mode
• Software failure or error
• Email content filtered or blocked
• Unknown category
• Intrusion detected
• Update/upgrade failed
• Non-compliant computer detected
• Update/upgrade succeeded
• Normal operation
All rules are created in the same basic manner:
Managing Your Protection
Management of systems
21McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0
- Product Guide 1
- Basic protection 8
- Advanced protection 8
- IPS policies 8
- Firewall policies 8
- Policy management 9
- Policy tracking and tuning 10
- Preset protection 11
- Adaptive and learn mode 11
- Dashboards and queries 12
- Managing Your Protection 13
- Management of policies 16
- Where to find policies 17
- Configuring polices 18
- Automatic tuning with clients 19
- Management of systems 20
- Host IPS server tasks 21
- Host IPS protection updates 22
- Checking in update packages 23
- Updating clients with content 23
- Configuring IPS Policies 24
- Behavioral rules 25
- Reactions 26
- Exception rules 26
- Working with IPS signatures 30
- Creating signatures 33
- Creating exception rules 39
- Working with IPS events 40
- Managing IPS events 41
- Managing IPS client rules 43
- Configuring Firewall Policies 45
- Stateful packet filtering 46
- Stateful packet inspection 46
- State table 47
- State table functionality 47
- How firewall rules work 47
- How stateful filtering works 48
- Stateful protocol tracking 49
- Overview of Firewall policies 51
- Firewall client rules 55
- Quarantine policies and rules 55
- 4 Click Save to save changes 60
- Creating firewall rule groups 61
- Configuring General Policies 76
- Unlocking the Windows client 78
- Working with Host Intrusion 81
- Prevention Clients 81
- Creating 85
- System tray icon 86
- Setting client UI options 87
- Client error reporting 88
- Windows client alerts 90
- Responding to Firewall alerts 91
- About the IPS Policy tab 93
- About the Firewall Policy tab 94
- About the Blocked Hosts tab 96
- About the Activity Log tab 98
- Solaris client issues 100
- Client installation issues 100
- Client operations issues 100
- Stopping the Solaris client 101
- Overview of the Linux client 102
- Notes about the Linux client 103
- Linux client issues 103
- Stopping the Linux client 105
- Restarting the Linux client 105
- (continued) 107
Relacionado con productos y manuales para Software McAfee UTILITIES 4.0
Software McAfee QUICKCLEAN 3.0 Guía de usuario
(41 paginas)
(41 paginas)
Software McAfee UNINSTALLER 6.0 Guía de usuario
(99 paginas)
(99 paginas)
Software McAfee QUICKCLEAN 1.0 Guía de instalación
(29 paginas)
(29 paginas)
Software McAfee ENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE Especificaciones
(120 paginas)
(120 paginas)
Software McAfee QUICKCLEAN 1.0 Guía de usuario
(41 paginas)
(41 paginas)
Software McAfee UTILITIES 4.0 Manual de usuario
(11 paginas)
(11 paginas)
Software McAfee QUICKCLEAN 1.0 Manual de usuario
(22 paginas)
(22 paginas)
Software McAfee GUARD DOG 2 Guía de usuario
(128 paginas)
(128 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.035 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales