McAfee UTILITIES 4.0 Guide de l'utilisateur Page 92
- Page / 112
- Table des matières
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Host Intrusion Prevention creates a new firewall rule based on the options selected, adds
it to the Firewall Rules list, and automatically allows or blocks similar traffic.
Responding to Application Blocking alerts
When application creation or application hooking is enabled in the Application Blocking
Options policy, Host Intrusion Prevention monitors application activities and allows or blocks
them based on the rules in the Application Blocking Rules policy.
If you enabled learn mode for either creation blocking or hooking blocking, Host Intrusion
Prevention displays an Application Creation Alert or Application Hook Alert whenever it
detects an unknown application trying to run or bind to another program.
The Application Information tab displays information about the application attempting to
run (creation) or to hook (hook) to another process, including application name, path, and
version.
Use this dialog box to select an action:
• Click Allow to let the application complete its action:
• For an Application Creation Alert, clicking Allow lets the application run.
• For an Application Hook Alert, clicking Allow lets the application bind itself to another
program.
• Click Deny to block the application:
• For an Application Creation Alert, clicking Deny prevents the application from running.
• For an Application Hook Alert, clicking Deny blocks the application from binding itself to
another program.
When you click Allow or Deny, Host Intrusion Prevention creates a new application rule based
on your choice. After collecting client properties, this rule is added to the Application Client
Rule tab of the Application Rules policy. The application is then allowed or blocked
automatically.
Responding to Quarantine alerts
If you enable Quarantine mode and include the IP address of the client for quarantine
enforcement in the Quarantine Options policy, a quarantine alert appears in the following
situations:
• Changing the client computer’s IP address
• Disconnecting and then reconnecting the client Ethernet connection
• Restarting the client
Responding to Spoof Detected alerts
If you enable the IPS feature, this alert automatically appears if Host Intrusion Prevention
detects an application on your computer sending out spoofed network traffic. This means that
the application is trying to make it seem like traffic from your computer actually comes from a
different computer. It does this by changing the IP address in the outgoing packets. Spoofing
Working with Host Intrusion Prevention Clients
Overview of the Windows client
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.092
- Product Guide 1
- Basic protection 8
- Advanced protection 8
- IPS policies 8
- Firewall policies 8
- Policy management 9
- Policy tracking and tuning 10
- Preset protection 11
- Adaptive and learn mode 11
- Dashboards and queries 12
- Managing Your Protection 13
- Management of policies 16
- Where to find policies 17
- Configuring polices 18
- Automatic tuning with clients 19
- Management of systems 20
- Host IPS server tasks 21
- Host IPS protection updates 22
- Checking in update packages 23
- Updating clients with content 23
- Configuring IPS Policies 24
- Behavioral rules 25
- Reactions 26
- Exception rules 26
- Working with IPS signatures 30
- Creating signatures 33
- Creating exception rules 39
- Working with IPS events 40
- Managing IPS events 41
- Managing IPS client rules 43
- Configuring Firewall Policies 45
- Stateful packet filtering 46
- Stateful packet inspection 46
- State table 47
- State table functionality 47
- How firewall rules work 47
- How stateful filtering works 48
- Stateful protocol tracking 49
- Overview of Firewall policies 51
- Firewall client rules 55
- Quarantine policies and rules 55
- 4 Click Save to save changes 60
- Creating firewall rule groups 61
- Configuring General Policies 76
- Unlocking the Windows client 78
- Working with Host Intrusion 81
- Prevention Clients 81
- Creating 85
- System tray icon 86
- Setting client UI options 87
- Client error reporting 88
- Windows client alerts 90
- Responding to Firewall alerts 91
- About the IPS Policy tab 93
- About the Firewall Policy tab 94
- About the Blocked Hosts tab 96
- About the Activity Log tab 98
- Solaris client issues 100
- Client installation issues 100
- Client operations issues 100
- Stopping the Solaris client 101
- Overview of the Linux client 102
- Notes about the Linux client 103
- Linux client issues 103
- Stopping the Linux client 105
- Restarting the Linux client 105
- (continued) 107
Produits connexes et manuels pour Logiciel McAfee UTILITIES 4.0
(13 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.038 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels