McAfee UTILITIES 4.0 Guía de usuario Pagina 30
- Pagina / 112
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Working with IPS Rules policies
The IPS Rules policy applies intrusion prevention safeguards. This policy is a multiple-instance
policy that can have multiple instances assigned. For example, for an IIS Server you might
apply a general default policy, a server policy, and an IIS policy, the latter two configured to
specifically target systems runnings as IIS servers.
Each policy contains details on:
• Exception Rules
• Signatures
• Application Protection Rules
You also need to go to the Host IPS tab under Reporting to work with:
• IPS Events
• IPS Client Rules
This policy category contains a preconfigured default policy, which provides basic IPS protection.
You can view and duplicate the preconfigured policy; you can edit, rename, duplicate, delete,
and export custom policies you create.
On the Policy Catalog policy list page, click New Policy to create a new custom policy; click
Duplicate under Actions to create a new custom policy based on an existing policy.
Change the policy’s assignment on the Policy Assignment page. For a group, go to Systems
| System Tree, select a group, and then on the Policies tab click Edit Assignment. For a
system, go to Systems | System Tree, select a group that contains the system, and then on
the System tab, select the system and select More Actions | Modify Policies on a Single
System.
To assign more than one instance of the IPS Rules policy on the Policy Assignment page,
click New Policy Instance, and select a policy from the Assigned Polices list for the additional
policy instances.
Tasks
Working with IPS signatures
Working with IPS Application Protection rules
Working with IPS Exceptions
Working with IPS events
Managing IPS client rules
Working with IPS signatures
Signatures describe security threats, attack methodologies, and network intrusions. Each
signature has a default severity level, which describes the potential danger of an attack:
• High — Signatures that protect against clearly identifiable security threats or malicious
actions. Most of these signatures are specific to well-identified exploits and are mostly
non-behavioral in nature. They should be prevented on every host.
• Medium — Signatures that are behavioral in nature and deal with preventing applications
from operating outside of their environment (relevant for clients protecting web servers and
Microsoft SQL Server 2000). On critical servers, you may want to prevent those signatures
after fine-tuning.
Configuring IPS Policies
Working with IPS Rules policies
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.030
- Product Guide 1
- Basic protection 8
- Advanced protection 8
- IPS policies 8
- Firewall policies 8
- Policy management 9
- Policy tracking and tuning 10
- Preset protection 11
- Adaptive and learn mode 11
- Dashboards and queries 12
- Managing Your Protection 13
- Management of policies 16
- Where to find policies 17
- Configuring polices 18
- Automatic tuning with clients 19
- Management of systems 20
- Host IPS server tasks 21
- Host IPS protection updates 22
- Checking in update packages 23
- Updating clients with content 23
- Configuring IPS Policies 24
- Behavioral rules 25
- Reactions 26
- Exception rules 26
- Working with IPS signatures 30
- Creating signatures 33
- Creating exception rules 39
- Working with IPS events 40
- Managing IPS events 41
- Managing IPS client rules 43
- Configuring Firewall Policies 45
- Stateful packet filtering 46
- Stateful packet inspection 46
- State table 47
- State table functionality 47
- How firewall rules work 47
- How stateful filtering works 48
- Stateful protocol tracking 49
- Overview of Firewall policies 51
- Firewall client rules 55
- Quarantine policies and rules 55
- 4 Click Save to save changes 60
- Creating firewall rule groups 61
- Configuring General Policies 76
- Unlocking the Windows client 78
- Working with Host Intrusion 81
- Prevention Clients 81
- Creating 85
- System tray icon 86
- Setting client UI options 87
- Client error reporting 88
- Windows client alerts 90
- Responding to Firewall alerts 91
- About the IPS Policy tab 93
- About the Firewall Policy tab 94
- About the Blocked Hosts tab 96
- About the Activity Log tab 98
- Solaris client issues 100
- Client installation issues 100
- Client operations issues 100
- Stopping the Solaris client 101
- Overview of the Linux client 102
- Notes about the Linux client 103
- Linux client issues 103
- Stopping the Linux client 105
- Restarting the Linux client 105
- (continued) 107
Relacionado con productos y manuales para Software McAfee UTILITIES 4.0
Software McAfee QUICKCLEAN 3.0 Guía de usuario
(41 paginas)
(41 paginas)
Software McAfee UNINSTALLER 6.0 Guía de usuario
(99 paginas)
(99 paginas)
Software McAfee QUICKCLEAN 1.0 Guía de instalación
(29 paginas)
(29 paginas)
Software McAfee ENDPOINT ENCRYPTION ENTERPRISE - BEST PRACTICES GUIDE Especificaciones
(120 paginas)
(120 paginas)
Software McAfee QUICKCLEAN 1.0 Guía de usuario
(41 paginas)
(41 paginas)
Software McAfee UTILITIES 4.0 Manual de usuario
(11 paginas)
(11 paginas)
Software McAfee QUICKCLEAN 1.0 Manual de usuario
(22 paginas)
(22 paginas)
Software McAfee GUARD DOG 2 Guía de usuario
(128 paginas)
(128 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.044 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales