McAfee Host Intrusion Prevention 8.0

Similar documents
McAfee Rogue Database Detection For use with epolicy Orchestrator Software

McAfee Firewall Enterprise epolicy Orchestrator Extension

Data Loss Prevention Discover 11.0

McAfee epolicy Orchestrator Software

Best Practices Guide. Amazon OpsWorks and Data Center Connector for AWS

Migration Guide. McAfee File and Removable Media Protection 5.0.0

McAfee Endpoint Security

McAfee Data Protection for Cloud 1.0.1

McAfee Content Security Reporter Installation Guide. (McAfee epolicy Orchestrator)

Boot Attestation Service 3.0.0

McAfee Boot Attestation Service 3.5.0

Addendum. McAfee Virtual Advanced Threat Defense

McAfee Management for Optimized Virtual Environments AntiVirus 4.5.0

Product Guide Revision A. McAfee Client Proxy 2.3.2

Installation Guide. McAfee Web Gateway Cloud Service

Installation Guide. McAfee Endpoint Security for Servers 5.0.0

McAfee MVISION Endpoint 1808 Installation Guide

McAfee Network Security Platform

McAfee Client Proxy Product Guide. (McAfee epolicy Orchestrator)

McAfee SiteAdvisor Enterprise 3.5.0

McAfee Content Security Reporter Release Notes. (McAfee epolicy Orchestrator)

McAfee Change Control and McAfee Application Control 8.0.0

McAfee MVISION Endpoint 1811 Installation Guide

McAfee File and Removable Media Protection 6.0.0

McAfee Endpoint Security Migration Guide. (McAfee epolicy Orchestrator)

McAfee epolicy Orchestrator 5.9.1

Scripting Guide. McAfee Drive Encryption 7.2.0

McAfee Application Control Windows Installation Guide. (McAfee epolicy Orchestrator)

Installation Guide. McAfee Web Gateway. for Riverbed Services Platform

Reference Guide Revision B. McAfee Cloud Workload Security 5.0.0

Product Guide. McAfee Plugins for Microsoft Threat Management Gateway Software

McAfee Client Proxy Product Guide. (McAfee epolicy Orchestrator)

McAfee Client Proxy Product Guide

McAfee Content Security Reporter 2.6.x Installation Guide

McAfee Content Security Reporter 2.6.x Migration Guide

McAfee Client Proxy Installation Guide

Migration Guide. McAfee Content Security Reporter 2.4.0

McAfee MVISION Mobile Microsoft Intune Integration Guide

McAfee Network Security Platform 8.3

Archiving Service. Exchange server setup (2010) Secure Gateway (SEG) Service Administrative Guides

Reference Guide. McAfee Security for Microsoft Exchange 8.6.0

McAfee Enterprise Mobility Management 12.0 Software

McAfee MVISION Mobile Silverback Integration Guide

McAfee Change Control and McAfee Application Control 6.1.4

McAfee Endpoint Security for Servers Product Guide. (McAfee epolicy Orchestrator)

McAfee Policy Auditor 6.2.2

Product Guide. McAfee Endpoint Upgrade Assistant 1.5.0

McAfee File and Removable Media Protection Installation Guide

McAfee MVISION Mobile Citrix XenMobile Integration Guide

Installation Guide. McAfee epolicy Orchestrator Software. Draft for Beta

McAfee Management of Native Encryption 3.0.0

McAfee Investigator Product Guide

Product Guide. McAfee Endpoint Upgrade Assistant 1.4.0

McAfee Endpoint Security for Servers Product Guide

McAfee Endpoint Upgrade Assistant 2.3.x Product Guide

Firewall Enterprise epolicy Orchestrator

McAfee MVISION Mobile Microsoft Intune Integration Guide

Addendum. McAfee Virtual Advanced Threat Defense

McAfee Endpoint Upgrade Assistant Product Guide. (McAfee epolicy Orchestrator 5.9.0)

McAfee Agent Interface Reference Guide. (McAfee epolicy Orchestrator Cloud)

Product Guide Revision A. McAfee Customer Submission Tool 2.4.0

McAfee Endpoint Security for Linux Threat Prevention Interface Reference Guide

Cloud Workload Discovery 4.5.1

McAfee Rogue System Detection 5.0.0

McAfee Drive Encryption Client Transfer Migration Guide. (McAfee epolicy Orchestrator)

Installation Guide Revision B. McAfee Cloud Workload Security 5.0.0

Installation Guide. McAfee Enterprise Mobility Management 10.1

McAfee Network Security Platform

McAfee Cloud Workload Security Suite Amazon Machine Image Installation Guide

McAfee Endpoint Upgrade Assistant Product Guide. (McAfee epolicy Orchestrator)

McAfee MVISION Mobile IBM MaaS360 Integration Guide

McAfee MVISION Mobile IBM MaaS360 Integration Guide

McAfee Network Security Platform

Hardware Guide. McAfee MVM3200 Appliance

Product Guide Revision A. Intel Security Controller 1.2

McAfee Network Security Platform 8.1

McAfee Endpoint Security Threat Prevention Installation Guide - macos

McAfee Rogue System Detection 5.0.5

McAfee Endpoint Security Threat Prevention Installation Guide - Linux

McAfee MVISION Mobile epo Extension Product Guide

McAfee Network Security Platform 9.1

McAfee Active Response 2.0.0

McAfee File and Removable Media Protection Product Guide

McAfee Network Security Platform 8.1

McAfee Application Control Windows Installation Guide. (Unmanaged)

Account Management. Administrator Guide. Secure Gateway (SEG) Service Administrative Guides. Revised August 2013

McAfee Network Security Platform 8.3

McAfee Firewall Enterprise Control Center

McAfee Application Control Windows Installation Guide

McAfee MVISION Mobile MobileIron Integration Guide

Product Guide. McAfee SiteAdvisor Enterprise 3.5 Patch2

Product Guide. McAfee GetClean. version 2.0

McAfee MVISION Mobile AirWatch Integration Guide

Product Guide Revision A. Endpoint Intelligence Agent 2.2.0

Release Notes - McAfee Deep Defender 1.0

Release Notes for McAfee(R) Security for Microsoft Exchange(TM) Version 8.0 Copyright (C) 2013 McAfee, Inc. All Rights Reserved

Product Guide. McAfee Web Gateway Cloud Service

Product Guide. McAfee Web Gateway Cloud Service

McAfee Application Control and McAfee Change Control Linux Product Guide Linux

Product Guide Revision B. McAfee Cloud Workload Security 5.0.0

Transcription:

Product Guide Self Protection addendum Revision A McAfee Host Intrusion Prevention 8.0

COPYRIGHT 2017 Intel Corporation TRADEMARK ATTRIBUTIONS Intel and the Intel and McAfee logos, McAfee Active Protection, McAfee DeepSAFE, epolicy Orchestrator, McAfee epo, McAfee EMM, Foundstone, McAfee LiveSafe, McAfee QuickClean, Safe Eyes, McAfee SECURE, SecureOS, McAfee Shredder, SiteAdvisor, McAfee Stinger, TrustedSource, VirusScan are trademarks of Intel Corporation or McAfee, Inc. in the US and/or other countries. Other marks and brands may be claimed as the property of others. LICENSE INFORMATION License Agreement NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND. McAfee Host Intrusion Prevention 8.0 Product Guide Self Protection addendum 2

Contents Preface 4 About this guide... 4 Audience... 4 Conventions... 4 Find product documentation... 5 1 Self Protection 6 1.0 Enable Self Protection... 6 1.1 Setting Client UI general options... 6 2.0 Overview of the Windows Client... 7 2.1 System tray icon menu... 7 2.2 Unlocking the Windows client interface... 7 2.3 About the Self Protection tab... 8

Self Protection About this guide Preface This release adds a new dedicated Self Protection mechanism, independent of the existing Self Protection signatures that are part of McAfee Host IPS. This new feature allows administrators to enable Self Protection even if McAfee Host IPS is disabled, or for those using the Firewall Only version of the product. About this guide This information describes the guide's target audience, the typographical conventions and icons used in this guide, and how the guide is organized. Audience McAfee documentation is carefully researched and written for the target audience. The information in this guide is intended primarily for: Administrators People who implement and enforce the company's security program. Conventions This guide uses the following typographical conventions and icons. Book title or Emphasis Bold User input, Path, or Code Hypertext Note: Tip: Important/Caution: Warning/Danger: Title of a book, chapter, or topic; introduction of a new term; emphasis. Text that is strongly emphasized. Commands and other text that the user types; the path of a folder or program; a code sample. A live link to a topic or to a website. Additional information, like an alternate method of accessing an option. Suggestions and recommendations. Valuable advice to protect your computer system, software installation, network, business, or data. Critical advice to prevent bodily harm when using a hardware product. McAfee Host Intrusion Prevention 8.0 Product Guide Self Protection addendum 4

Self Protection Find product documentation Find product documentation On the ServicePortal, you can find information about a released product, including product documentation, technical articles, and more. 1 Go to the ServicePortal at http://support.mcafee.com and click the Knowledge Center tab. 2 In the Knowledge Base pane under Content Source, click Product Documentation. 3 Select a product and version, then click Search to display a list of documents. 5 McAfee Host Intrusion Prevention 8.0 Product Guide Self Protection addendum

1 Self Protection Contents 1.0 Enable Self Protection 2.0 Overview of the Windows Client 1.0 Enable Self Protection The Client UI General Settings policy enables the Self Protection settings. 1.1 Setting Client UI general options Configure settings on the General Settings tab of the Client UI policy to set the Self Protection options for Windows clients only. 1. Click the General Settings tab of the Client UI policy and under Display options select the option to Enable Self Protection. NOTE: Users who need to temporarily turn off a Host Intrusion Prevention feature to access a legitimate but blocked application or network site, they can use the Host Intrusion Prevention tray icon menu to disable a feature without opening the client console. The disabled feature remains disabled until restored by the menu command or the next policy enforcement. Note the following: Disabling IPS disables both host IPS and network IPS protection. If the Client UI is unlocked, the menu commands have no effect. For this feature, select to display the icon, then on the Advanced Options tab, select Allow disabling of features from the tray icon and select any or all of the features to be disabled. 2.0 Overview of the Windows Client Direct client-side management of the Host Intrusion Prevention Windows client is available through a client console. To display it, use the McAfee tray icon menu, or run McAfeeFire.exe in C:\Program Files\McAfee\Host Intrusion Prevention. When the client console first appears, options are locked and you can only view current settings. For complete control of all settings in the console, unlock the interface with a password. For details on creating and using passwords, see Setting Client UI advanced options and passwords under Configuring General Policies in the McAfee Host Intrusion Prevention 8.0 Product Guide for epolicy Orchestrator 4.5. 6 McAfee Host Intrusion Prevention 8.0 Product Guide Self Protection addendum

Self Protection 2.0 Overview of the Windows Client 2.1 System tray icon menu When the McAfee icon appears in the system tray, it provides access to the Host IPS client console. Functionality differs depending on the version of the McAfee Agent that is installed on the client. Right-click the McAfee Agent icon in the system tray, then select Manage Features Host Intrusion Prevention to open the console. NOTE: Both the McAfee Agent and the Host IPS client must be set to display an icon for this access. If the McAfee Agent does not appear in the system tray, there is no access to Host IPS with a system tray icon, even though the client may be set to display a tray icon. Under Quick Settings, these Host Intrusion Prevention options are available if the Allow disabling of features from the tray icon option is selected in an applied Client UI policy: Table 12: McAfee Agent menu Quick Settings Click... Self Protection Host IPS Network IPS Firewall To do this... Toggle Self Protection on and off. Toggle Host IPS protection on and off. Toggle Network IPS protection on and off Toggle Firewall protection on and off. Also under Quick Settings, if the Enable timed group from McAfee tray icon menu option on the Schedule tab is selected for a firewall group in an applied Firewall Rules policy, these additional commands are available: Table 13: McAfee Agent menu with Enable timed group Click... To do this... Enable timed firewall groups Enable timed firewall groups for a set amount of time to allow non-network access to the Internet before rules restricting access are applied. Each time you select this command, you reset the time for the groups. View Host IPS Timed Firewall Groups Status View the names of the timed groups and the amount of time remaining for each group to be active. 2.2 Unlocking the Windows client interface An administrator remotely managing Host Intrusion Prevention using epolicy Orchestrator can password protect the interface to prevent accidental changes. Fixed passwords that do not expire and temporary time-based passwords, allow an administrator or user to temporarily unlock the interface and make changes. McAfee Host Intrusion Prevention 8.0 Product Guide Self Protection addendum 7

Self Protection 2.0 Overview of the Windows Client Before you begin Be sure that the Host IPS General: Client UI policy, which contains the password settings, has been applied to the client. This occurs at the scheduled policy update or by forcing an immediate policy update. The client does not recognize the password until the policy update takes place. 1 Obtain a password from the Host Intrusion Prevention administrator. NOTE: For details on creating a password, see Setting Client UI advanced options and passwords under Configuring General Policies in the McAfee Host Intrusion Prevention 8.0 Product Guide for epolicy Orchestrator 4.5. 2 Open the client console, and select Unlock User Interface. 3 In the Login dialog box, type the password and click OK. 2.3 About the Self Protection tab Use the Self Protection Policy tab to Enable or Disable the Self Protection feature. From this tab you can enable or disable functionality. Customizing Self Protection Policy options Options on the tab control settings are delivered by the server-side Self Protection policies after the client interface is unlocked. 1 In the Host IPS Client console, click the Self Protection tab. 2 Select or deselect an option as needed. Select... Self Protection To do this... Toggle Self Protection on and off. 8 McAfee Host Intrusion Prevention 8.0 Product Guide Self Protection addendum

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback