McAfee® IntruShield® IPS System IntruShield Best Practices
Special Topics: Best Practices Access Control Lists (ACL)
Test restoration of backups periodically to ensure that each backup was successful and valid. The best way to do this is to perform a "test" restore of the backup on a secondary, non-production Manager.

The 'Config Tables' option backs up only the table data relating to configured tasks. This option is enabled by default and runs every Saturday night; the schedule is set in the Backup Scheduler action.

Save the actual configurations of sensors (not just the config tables) using the Export option under the Sensor_Name tab. This creates an XML file, which is not meant to be read or edited by hand, that can later be imported to any sensor of the same type. Export the sensor configurations weekly.
Access Control Lists (ACL)
When working with ACLs, note that you cannot set explicit ACL permit rules for protocols that negotiate ports dynamically, with the exception of FTP, TFTP, and RPC services. Protocols such as H.323 and NetMeeting, which negotiate the data channel separately from the control channel or negotiate ports that do not follow a standard, are not supported. You can, however, configure ACLs to deny such protocol instances explicitly by denying their fixed control port.
For RPC services, you can configure explicit permit and deny rules for RPC as a whole, but not for its constituent services, such as statd and mountd.

Protocols or services that use dynamic ports, such as instant messaging and peer-to-peer applications, are not supported.

An alternative for blocking protocols that use dynamic ports is to configure IDS policies to drop the attacks detected in such traffic. IntruShield detects use of, and attacks carried in, programs such as Yahoo Messenger, KaZaA, and IRC.
Tip: See Chapter 6 and Appendix B of the Manager Administrator's Guide for more information on file maintenance.

There is a limit on the number of ACL rules that a sensor can support:

Sensor    ACL rule limit
I-4010    1000
I-4000    1000
I-3000    1000
I-2700    400
I-2600    400
I-1400    100
I-1200    50
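The constraints above (no permit rules for dynamic-port protocols other than FTP/TFTP/RPC, denies only against a fixed control port, RPC matched as a whole rather than by constituent, and a per-model rule cap) are easy to violate when an ACL set is assembled by hand. The following is an added pre-flight lint, not a McAfee tool and not IntruShield's own export format: it assumes a simple rule representation (dicts with `action`, `proto` and `port`) and a constructed sample rule set, and checks a proposed set against a sensor model before it is pushed.

```python
"""Pre-flight lint for a proposed IntruShield sensor ACL set.

Assumed, hypothetical rule format (not the sensor's native syntax):
each rule is a dict with 'action' ('permit' or 'deny'), 'proto' (a
service name) and 'port' (fixed control port, or None when dynamic).
"""
from dataclasses import dataclass, field

# Per-model ACL rule limits as given in the best-practices table.
ACL_RULE_LIMITS = {
    "I-4010": 1000, "I-4000": 1000, "I-3000": 1000,
    "I-2700": 400, "I-2600": 400,
    "I-1400": 100, "I-1200": 50,
}

# Dynamic-port services for which explicit permit/deny IS supported.
DYNAMIC_PORT_EXCEPTIONS = {"ftp", "tftp", "rpc"}

# Dynamic-port protocols the text names as unsupported for permit rules
# (H.323/NetMeeting, instant messaging, peer-to-peer). Extend as needed.
DYNAMIC_PORT_PROTOCOLS = {"h323", "netmeeting", "yahoo-messenger", "kazaa", "irc"}

# RPC constituents: rules must target "rpc" as a whole, never these.
RPC_CONSTITUENTS = {"statd", "mountd"}


@dataclass
class LintResult:
    errors: list = field(default_factory=list)
    warnings: list = field(default_factory=list)

    @property
    def ok(self):
        return not self.errors


def lint_acl(rules, model):
    """Return a LintResult for `rules` destined for sensor `model`."""
    result = LintResult()
    if model not in ACL_RULE_LIMITS:
        result.errors.append(f"unknown sensor model {model!r}")
        return result
    limit = ACL_RULE_LIMITS[model]
    if len(rules) > limit:
        result.errors.append(f"{len(rules)} rules exceeds {model} limit of {limit}")
    elif len(rules) > 0.9 * limit:
        result.warnings.append(f"{len(rules)} rules is within 10% of {model} limit {limit}")

    for i, rule in enumerate(rules):
        action = rule["action"].lower()
        proto = rule["proto"].lower()
        port = rule.get("port")
        if proto in RPC_CONSTITUENTS:
            result.errors.append(
                f"rule {i}: {proto} is an RPC constituent; write the rule against rpc as a whole")
        elif proto in DYNAMIC_PORT_PROTOCOLS:
            if action == "permit":
                result.errors.append(
                    f"rule {i}: explicit permit for dynamic-port protocol {proto} is not supported")
            elif port is None:
                result.errors.append(
                    f"rule {i}: deny for {proto} must target its fixed control port")
            else:
                result.warnings.append(
                    f"rule {i}: denying {proto} control port {port} blocks session setup only; "
                    f"pair it with an IDS policy that drops attacks in that traffic")
        elif port is None and proto not in DYNAMIC_PORT_EXCEPTIONS:
            result.errors.append(
                f"rule {i}: no fixed port for {proto}; dynamic-port services other than "
                f"FTP/TFTP/RPC are not supported")
    return result


# Constructed sample rule set (illustrative; 1720/tcp is the H.323 call-signalling port).
SAMPLE_RULES = [
    {"action": "permit", "proto": "http", "port": 80},
    {"action": "permit", "proto": "ftp", "port": 21},
    {"action": "permit", "proto": "rpc", "port": None},    # RPC as a whole: allowed
    {"action": "deny", "proto": "mountd", "port": None},   # RPC constituent: rejected
    {"action": "permit", "proto": "h323", "port": 1720},   # permit on dynamic-port proto: rejected
    {"action": "deny", "proto": "h323", "port": 1720},     # deny on fixed control port: allowed
    {"action": "deny", "proto": "kazaa", "port": None},    # no fixed port: rejected
]

if __name__ == "__main__":
    res = lint_acl(SAMPLE_RULES, "I-1200")
    for line in res.errors:
        print("ERROR  ", line)
    for line in res.warnings:
        print("WARNING", line)
    print("ok" if res.ok else "rejected")
```

Run against the sample set on an I-1200, the lint rejects the mountd rule, the H.323 permit and the port-less KaZaA deny, and warns that the H.323 control-port deny should be paired with an IDS drop policy, which is exactly the alternative the text recommends for dynamic-port applications.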
Tip: See Chapter 9 of the Manager Administrator's Guide for more details on ACLs.