McAfee Red and Greyscale

Transcription:

ePolicy Orchestrator version 4.0 Quick Reference Card

Enterprise scalable, system security management

[Figure: architecture diagram. Labels: McAfee Download Site; Database server; ePolicy Orchestrator Server and Master Repository; Web-Based Consoles; Threat Notification; Update Repository; Rogue System Detection Sensor; Rogue System; Managed systems with agents. Flows: Product Updates, DAT File Updates, Policy Updates, Threat Events. Numbered callouts 1 to 7.]

1. ePolicy Orchestrator server: The center of your managed environment. The server delivers security policy, controls updates, processes events, and serves tasks for all managed systems.

2. Master repository: The central location for all McAfee product installation, update and signature packages, which are available to managed systems using distributed repositories and agents.

3. Web-based consoles: The remote access point to the ePolicy Orchestrator server and reports. Use a browser session to configure policies, create or edit tasks, and run reports.

4. Threat notification: An alert message based on threat and compliance events in your environment. ePolicy Orchestrator can alert you immediately to events in your environment via standard email message or SNMP trap.

5. Distributed repository: Repositories, distributed throughout your environment, provide managed systems access to DAT files, product updates, and product installations. These repositories distribute the impact of updating managed systems.

6. Rogue System Detection (RSD) sensor: The sensor resides on one system per subnet and notifies you when a rogue system enters the environment. It can then initiate an automatic response, such as deploying an agent to that system. (RSD is unavailable at initial release, but is expected soon after.)

7. McAfee Agent: A vehicle of information and enforcement between the ePolicy Orchestrator server and each system. The agent retrieves updates, ensures task implementation, enforces policy and forwards events for each managed system.

The New Layout

Along with the new architecture, ePolicy Orchestrator 4.0 introduces a redesigned interface and new user experience. Features are spread across seven sections of the software. Each contains locations where managed products can add functionality. These sections are accessed by the buttons along the top of the page after logging on. Functionality available within each section is spread across tabs.

Dashboards (New!)
Dashboards are made up of monitors, which display the results of a query that are refreshed automatically or provide convenient functionality (like Quick System Search). You can choose from a number of default dashboards, or build your own with monitors created from chart-based queries.

Reporting
Go to Reporting to view and work with data about your managed environment. In this section of the product, you can work with queries, the different logs that are accessible from the interface, and MyAvert Security Threats.

Software
Go to Software to view and work with repositories and their contents. All deployment and updating functionality is located here. In addition to existing functionality, you can now change credentials on multiple distributed repositories at once, and copy only selected packages during a pull task.

Systems
Go to Systems to organize and work with the managed systems in your environment. Under Systems, you can work with and assign policies and client tasks, take actions on systems, set up the System Tree, its groups, and any synchronization settings or sorting criteria on them.

Network
Go to Network to view and work with items that apply to your broader environment. For example, if you have multiple ePO servers, you can register them all here for multi-server reporting purposes.

Automation
Go to Automation to set up those items that run on a schedule or are used in automatic responses. For example, server tasks and notification rules are both located here.

Configuration
Go to Configuration to set up user accounts, permission sets, contacts, and server settings. These are the global settings that are necessary for your ePO environment.

Are You Upgrading to ePolicy Orchestrator 4.0?

ePolicy Orchestrator 4.0 has been redesigned. Upgrading customers will notice that the data from the previous installation is migrated to the new one. Sometimes, the migrated items are changed slightly for the new version. This page details the items that are migrated.

Users and permissions
All user accounts are migrated. However, user accounts are now distinct from permissions, which are handled by permission sets. All users who are not global administrators are assigned at least one permission set automatically. Users who were global reviewers are assigned the single permission set, Global Reviewer. Users who were site administrators or site reviewers have two permission sets after upgrade. The first is either Group Admin or Group Reviewer. The second is a custom permission set created and named for the user. This permission set contains the permissions the user had to managed products and groups of the System Tree. User accounts and permission sets are accessed under Configuration.

Directory
The Directory is migrated to the System Tree of ePolicy Orchestrator 4.0. Additionally, all IP sorting filters, and settings for NT domain and Active Directory synchronization are migrated. These settings are accessed by the Edit links next to Sorting criteria and Synchronization type on the Systems | System Tree | Group page.

Policies and client tasks
All policies in your Policy Catalog are migrated. However, ePolicy Orchestrator 4.0 no longer supports the per-tab inheritance of the policy pages (where you could assign a policy to a group, but could have certain tabs inherit from the parent group's policy). To ensure that the effective policy settings on a given system stay the same after the upgrade, new policies are created for each unique assignment point in the System Tree and are given unique names by placing a number in parentheses within the policy name. For example, MyPolicy (2). The Policy Catalog is accessed under Systems. For products that are not supported at the time of release, policies are migrated and enforced, but are not editable or assignable. All client tasks are migrated.

Server tasks
All server tasks are migrated except for the Inactive Agent Maintenance, Compliance Check, and Purge Events tasks, which are no longer supported. Additionally, any tasks that were scheduled to Run Immediately are migrated with their schedules disabled. Run Immediately is no longer a valid schedule type, although you can go to the Server Tasks page and click Run next to any task to launch it immediately.

Events
After the upgrade finishes, be sure to schedule an Event Migration server task. While other information is migrated automatically during the upgrade, events are not. This task migrates events from your previous database to the new one. The time this task takes to run depends on the quantity of events you are migrating. Consider scheduling this task to run during off-peak hours.

Repositories
Your distributed repositories and source sites are all migrated, as are the pull and replication server tasks. However, even if your distributed repositories are up-to-date, you must replicate to them after the upgrade finishes before using them or reporting on them. Additionally, consider revisiting your Repository Pull server tasks to see if you can take advantage of the new selective pull feature.

Notifications
Notification rules, SNMP servers, external commands, registered executables, and the Notification Log are all migrated. The Notification Log is accessed under Reporting, while everything else is accessed under Automation.

Now, Where Do I Find...?

Use this task list to help you find where you need to go to perform familiar tasks.

Task: Go to...

General
Configure server settings like global updating and ports: Configuration | Server Settings. Select a category and click Edit.
Work with user accounts: Configuration | Users.
Work with permissions for users: Configuration | Permission Sets.
Bring products under ePO management: Configuration | Extensions. Click Install Extension, then browse to the extension file provided by the desired product.
Work with email address entries: Configuration | Contacts. This release has a global contact list, instead of individual lists per feature.
Export information to other formats: From almost any page displaying a table or chart, select Options | Export Chart, or Options | Export Table.

Working with agents
Deploy agents to a group: Deploy Agents.
Deploy agents to selected systems: Systems | System Tree | Systems. Select systems, then click Deploy Agents.
Wake up agents in a group: Wake Up Agents.
Wake up agents on selected systems: Systems | System Tree | Systems. Select systems, then click Wake Up Agents.
Create a custom agent installation package: Systems | System Tree. Click New Systems, then select Create and download agent installation package.

Managing systems in the System Tree
Add new systems: Systems | System Tree. Click New Systems.
Set IP sorting filters: Edit next to Sorting criteria.
Configure NT domain or Active Directory synchronization settings: Edit next to Synchronization type.

Working with policies and tasks
Work with server tasks: Automation | Server Tasks. Be sure to check out the new schedule options!
Work with client tasks: Systems | System Tree | Client Tasks. Be sure the appropriate group is selected in the System Tree.
Work with policies in the Policy Catalog: Systems | Policy Catalog. All the familiar functionality is available, including viewing assignments.
Import and export policies: Systems | Policy Catalog. Select a product, then click Import or Export.
Assign a policy to a group: Systems | System Tree | Policies. Be sure the desired group, product and category are selected, then click Edit Assignment.
Assign a policy to a system: Systems | System Tree | Systems. Select the system, then click Modify Policies on a Single System.
Assign a policy to selected systems: Systems | System Tree | Systems. Select the systems, then click Assign Policy.

Copyright 2007 McAfee, Inc. All Rights Reserved. 700-1168-00

Task: Go to...

Working with policies and tasks (continued)
Copy and paste policy assignments to and from a system: Systems | System Tree | Systems. Select the desired system, then click Modify Policies on a Single System.
Change policy enforcement status on a group: Systems | System Tree | Policies. Be sure the desired group is selected, then click link next to Enforcement status.
Change policy enforcement status on a system: Systems | System Tree | Systems. Select a system, click Modify Policies on a Single System, then click the link next to Enforcement status.

Accessing data about your environment
Run a query: Reporting | Queries. Select the desired query and click Run.
Create or edit a query: Reporting | Queries. Click New Query, or select a query and click Edit.
Work with Server Task Log: Reporting | Server Task Log. You can also use the Query Builder wizard (Reporting | Queries) for reports.
Work with Audit Log: Reporting | Audit Log. You can also use the Query Builder wizard (Reporting | Queries) for reports.
Work with Event Log: Reporting | Event Log. You can also use the Query Builder wizard (Reporting | Queries) for reports.
Setting up MyAvert Security Threats: Configuration | Server Settings. Select MyAvert Security Threats, then click Edit.
Working with MyAvert Security Threats: Reporting | MyAvert.
Viewing MyAvert Security Threats summary information: Dashboards. If you have a dashboard available that displays the MyAvert Security Threats dashboard monitor.

Working with repositories
Check in a package to the master repository: Software | Master Repository. Click Check In Package and follow the wizard.
Configure proxy settings for the master repository: Software | Master Repository. Click Configure Proxy Settings.
Run a Pull Now task: Software | Master Repository. Click Pull Now and follow the wizard.
Run a Replicate Now task: Software | Distributed Repositories. Click Replicate Now and follow the wizard.
Export SITELIST.XML: Software | Master Repository. Click Export Sitelist.
Export SITEMGR.XML: Software | Distributed Repositories or Software | Source Sites. Click Export Repositories or Export Source Sites. Whichever page you export the list from, both distributed repositories and source sites are included in it.
Import SITEMGR.XML: Software | Distributed Repositories or Software | Source Sites. Click Import Repositories or Import Source Sites. To import both distributed repositories and source sites from the file, you must import it twice, once from each page.

Working with Notifications
Work with Notification Log: Reporting | Notification Log. Use the filters on this page to create highly customized displays of the data.
Work with notification rules: Automation | Notification Rules.

Which Permissions Do I Need?

This release of ePolicy Orchestrator 4.0 provides more flexibility to grant access and functionality to users. However, this new flexibility means that users may need permissions to several features in order to perform a task. Permissions are grouped together in assignable sets, one or more of which can be assigned to one or more users. Global administrators are not assigned any permission sets. By definition, global administrators have permissions to everything. Several default permission sets are available from the start. In fact, if you're upgrading to version 4.0, migrated users are automatically assigned the default permission set that corresponds to their role in the previous versions.

Permissions for queries and dashboards
When a user needs to use queries or dashboards, consider which queries the user must run. For a query or dashboard monitor to return and display data for a user, that user must also have view permissions to the features that own the data. For example, for a user to run a public query successfully against detection events, that user must have permissions to use public queries, view events (Event Log), and to access the System Tree groups targeted by the query. McAfee recommends using one of the default permission sets as a base. Remember, you can assign multiple permission sets to any user.

Permission Set: Description

Executive Reviewer: For users who need to access and share information about the managed environment, but do not require access to any settings. A user with these permissions can use public dashboards and public queries, and can view features or parts of the product that are necessary to access the data public dashboards and queries. For example, this set grants view permissions to the entire System Tree to ensure that when this user runs a query against managed systems, data from all systems is available.

Global Reviewer: For users who need to access and share information from ePolicy Orchestrator and need to view all settings and the entire System Tree. This set grants no permissions to extensions or multi-server roll-up data. This permission set is assigned automatically to migrated global reviewers during an upgrade.

Group Admin: For users who need access to core ePolicy Orchestrator functionality with an undetermined access to managed products and systems. This permission set does not grant any permissions to managed products or systems. These users need at least one more set that grants permissions to desired products and groups of the System Tree. This permission set is assigned automatically to migrated site administrators during an upgrade.

Group Reviewer: For users who need view access to core ePolicy Orchestrator functionality with an undetermined access to managed products and systems. This permission set does not grant any permissions to managed products or systems. These users need at least one more set that grants permissions to desired products and groups of the System Tree. This permission set is assigned automatically to migrated site reviewers during an upgrade.