McAfee UTILITIES 4.0 Podręcznik Użytkownika Pobierz pdf (Strona 33)

8 Click Save to save changes.

Creating signatures

Use this task to create custom host intrusion prevention signatures to protect specific operations.

Task

For option definitions, click ? on the page displaying the options.

1 On the IPS Rules policy Signatures tab, click Add Signature. A blank Signature page

appears.

2 On the signature’s IPS Signature tab, enter a name and select the platform, severity

level. log status, and whether to allow the creation of client rules.

Figure 5: New Custom Signature—IPS Signature tab

3 On the Description tab, type a description of what the signature is protecting. This

description appears in the IPS Event when the signature is triggered.

4 On the Sub-Rule tab, select either Add Standard Sub-Rule or Add Expert Sub-Rule

to create a rule.

Figure 6: New Custom Signature—Sub-Rules tab

To use Expert method:To use Standard method:

The Expert method, recommended only for advanced

users, enables you to provide the rule syntax without

The Standard method limits the number of types you

can include in the signature rule.

limiting the number of types you can include in the

Configuring IPS Policies

Working with IPS Rules policies

33McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0

1 2 ... 28 29 30 31 32 33 34 35 36 37 38 ... 111 112

Brak uwag

McAfee UTILITIES 4.0 Podręcznik Użytkownika Strona 33