McAfee UTILITIES 4.0 Podręcznik Użytkownika Strona 28
- Strona / 112
- Spis treści
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
2 In the IPS Options policy list, click Edit under Actions to change the settings for a custom
policy.
Figure 2: IPS Options
3 In the IPS Options page that appears, make any needed changes, then click Save.
Working with IPS Protection policies
The IPS Protection policy sets the protective reaction for signature severity levels. These settings
instruct clients what to do when an attack or suspicious behavior is detected. Each signature
has one of four severity levels:
• High — Signatures of clearly identifiable security threats or malicious actions. These
signatures are specific to well-identified exploits and are mostly non-behavioral in nature.
Prevent these signatures on every system.
• Medium — Signatures of behavioral activity where applications operate outside their
envelope. Prevent these signatures on critical systems, as well as on web servers and SQL
servers.
• Low — Signatures of behavioral activity where applications and system resources are locked
and cannot be changed. Preventing these signatures increases the security of the underlying
system, but additional fine-tuning is needed.
• Information — Signatures of behavioral activity where applications and system resources
are modified and might indicate a benign security risk or an attempt to access sensitive
system information. Events at this level occur during normal system activity and generally
are not evidence of an attack.
These levels indicate potential danger to a system and enable you to define specific reactions
for different levels of potential harm. You can modify the severity levels and reactions for all
signatures. For example, when suspicious activity is unlikely to cause damage, you can select
ignore as the reaction. When an activity is likely to be dangerous, you can set prevent as the
reaction.
This policy category contains six preconfigured policies and an editable My Default policy. You
can view and duplicate preconfigured policies; you can, create, edit, rename, duplicate, delete,
and export custom policies.
Preconfigured policies include:
Basic Protection (McAfee Default)
• Prevent high severity level signatures and ignore the rest.
Enhanced Protection
Configuring IPS Policies
Working with IPS Protection policies
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.028
- Product Guide 1
- Basic protection 8
- Advanced protection 8
- IPS policies 8
- Firewall policies 8
- Policy management 9
- Policy tracking and tuning 10
- Preset protection 11
- Adaptive and learn mode 11
- Dashboards and queries 12
- Managing Your Protection 13
- Management of policies 16
- Where to find policies 17
- Configuring polices 18
- Automatic tuning with clients 19
- Management of systems 20
- Host IPS server tasks 21
- Host IPS protection updates 22
- Checking in update packages 23
- Updating clients with content 23
- Configuring IPS Policies 24
- Behavioral rules 25
- Reactions 26
- Exception rules 26
- Working with IPS signatures 30
- Creating signatures 33
- Creating exception rules 39
- Working with IPS events 40
- Managing IPS events 41
- Managing IPS client rules 43
- Configuring Firewall Policies 45
- Stateful packet filtering 46
- Stateful packet inspection 46
- State table 47
- State table functionality 47
- How firewall rules work 47
- How stateful filtering works 48
- Stateful protocol tracking 49
- Overview of Firewall policies 51
- Firewall client rules 55
- Quarantine policies and rules 55
- 4 Click Save to save changes 60
- Creating firewall rule groups 61
- Configuring General Policies 76
- Unlocking the Windows client 78
- Working with Host Intrusion 81
- Prevention Clients 81
- Creating 85
- System tray icon 86
- Setting client UI options 87
- Client error reporting 88
- Windows client alerts 90
- Responding to Firewall alerts 91
- About the IPS Policy tab 93
- About the Firewall Policy tab 94
- About the Blocked Hosts tab 96
- About the Activity Log tab 98
- Solaris client issues 100
- Client installation issues 100
- Client operations issues 100
- Stopping the Solaris client 101
- Overview of the Linux client 102
- Notes about the Linux client 103
- Linux client issues 103
- Stopping the Linux client 105
- Restarting the Linux client 105
- (continued) 107
Powiązane produkty i podręczniki dla Oprogramowanie McAfee UTILITIES 4.0
(13 strony)© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.049 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji