TDR and Microsoft Security Essentials. Integration Guide


Deployment Overview

Threat Detection and Response (TDR) is a collection of advanced malware defense tools that correlate threat indicators from Fireboxes and Host Sensors to enable real-time, automated response to stop known, unknown, and evasive threats. As part of the TDR solution, you install TDR Host Sensors to provide endpoint protection. In some cases, the TDR Host Sensor might have conflicts with the antivirus software installed on your endpoints. To resolve this issue, you can configure exclusions in the antivirus software and in TDR.

This document includes information about the integration of a TDR Host Sensor with a host that runs Microsoft Security Essentials. It does not describe the procedure to set up Threat Detection and Response. For information about how to set up your TDR account, how to enable TDR on a Firebox, and how to install a Host Sensor, see Quick Start Set Up Threat Detection and Response.

Integration Summary

To avoid conflicts between the TDR Host Sensor and Microsoft Security Essentials, add these exclusions:

Exclusions in TDR for Microsoft Security Essentials:
- C:\ProgramData\Microsoft\Microsoft Antimalware\

Exclusions in Microsoft Security Essentials for the TDR Host Sensor:
- 64-bit Windows: C:\Program Files (x86)\watchguard\threat Detection and Response\
- 32-bit Windows: C:\Program Files\WatchGuard\Threat Detection and Response\

If the Host Sensor and Microsoft Security Essentials detect and respond to a threat at the same time, this can cause high utilization of system resources such as CPU, memory, and disk I/O.

Configuration Details

To complete this deployment, you must have:
- An active Threat Detection and Response subscription with Host Sensor licenses
- Windows 7
- Firebox with Fireware v12.0 or higher
- TDR Host Sensor 5.2.1.8015
- Microsoft Security Essentials 4.10.209.0

The Windows test environment for this deployment included:
- Windows 7 Enterprise 64-bit Operating System
- Memory (RAM): 8 GB
- Processor: 4 CPU Cores

Configure Exclusions in TDR

In your TDR account, add the exclusions to manually identify paths for files and processes that you do not want Host Sensors to monitor. Before you deploy a Host Sensor on computers that have Microsoft Security Essentials installed, add exclusions for the Microsoft Security Essentials file paths as TDR Exclusions in your TDR account.

To exclude Microsoft Security Essentials directories, add exclusions with these paths in your TDR account. Folders specified in an exclusion must end with a backslash.

C:\ProgramData\Microsoft\Microsoft Antimalware\

To add an exclusion in TDR:
1. Log in to your TDR account or managed account as a user with Operator privileges.
2. Select Configuration > Exclusion.
3. Click Add Exclusion. The Add Exclusion dialog page appears.
4. In the Path text box, type the path to exclude.
5. Click Save.

Configure Exclusions in Microsoft Security Essentials

In Microsoft Security Essentials, add the exclusions to identify the paths for files and locations to exclude. To prevent conflicts between the Host Sensor and Microsoft Security Essentials, we recommend you add exclusions in Microsoft Security Essentials for the paths used by the TDR Host Sensor.

To exclude TDR Host Sensor files on 64-bit Windows, add an exclusion for:

C:\Program Files (x86)\watchguard\threat Detection and Response\

To add an exclusion in Microsoft Security Essentials:
1. Open Microsoft Security Essentials board.
2. Select the Settings tab.
3. From the left panel, select Excluded files and locations.
4. Click Browse to add exclusion.

For information about the integration testing methodology, see TDR Testing Methodology.
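An added example, not part of WatchGuard's guide: a Python check that compares a list of configured folder exclusions with the paths this guide specifies, and flags a missing trailing backslash, an entry broader than the guide asks for, and a required path that is absent. The function names, finding labels, and sample lists are constructed for illustration; the required paths are the ones given above.

```python
from pathlib import PureWindowsPath

# Required exclusion paths, copied from the guide.
TDR_REQUIRED = ["C:\\ProgramData\\Microsoft\\Microsoft Antimalware\\"]
MSE_REQUIRED_64 = ["C:\\Program Files (x86)\\watchguard\\threat Detection and Response\\"]
MSE_REQUIRED_32 = ["C:\\Program Files\\WatchGuard\\Threat Detection and Response\\"]


def mse_required(is_64bit):
    """Paths to exclude in Microsoft Security Essentials for the given Windows bitness."""
    return MSE_REQUIRED_64 if is_64bit else MSE_REQUIRED_32


def audit_exclusions(configured, required, require_trailing_backslash=True):
    """Return (issue, path) findings; an empty list means the lists agree.

    Paths are compared the way Windows compares them (case-insensitive).
    The trailing-backslash rule is the one the guide states for TDR folders.
    """
    findings = []
    req_paths = [PureWindowsPath(p) for p in required]
    satisfied = []  # required paths matched exactly or covered by a broader entry
    for raw in configured:
        entry = raw.strip()
        if not entry:
            continue
        cfg = PureWindowsPath(entry)
        if require_trailing_backslash and not entry.endswith("\\"):
            findings.append(("missing-trailing-backslash", entry))
        if cfg in req_paths:
            satisfied.append(cfg)
        elif any(cfg in r.parents for r in req_paths):
            # A parent folder hides far more from scanning than the guide intends.
            findings.append(("broader-than-required", entry))
            satisfied.extend(r for r in req_paths if cfg in r.parents)
        else:
            findings.append(("not-in-guide", entry))
    for r, raw in zip(req_paths, required):
        if r not in satisfied:
            findings.append(("missing", raw))
    return findings


if __name__ == "__main__":
    # Constructed sample: an over-broad entry and an unrelated one on a 64-bit host.
    sample = ["C:\\Program Files (x86)\\", "C:\\Temp\\"]
    for issue, path in audit_exclusions(sample, mse_required(True)):
        print(f"{issue}: {path}")
```

Each exclusion is a location neither product inspects, so an entry reported as broader-than-required or not-in-guide is worth reviewing before the Host Sensor is deployed.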

About This Guide

Guide Type

Documented Integration: WatchGuard or a Technology Partner has provided documentation demonstrating integration.

Guide Details

WatchGuard provides integration instructions to help our customers configure WatchGuard products to work with products created by other organizations. If you need more information or technical support about how to configure a third-party product, see the documentation and support resources for that product.

Information in this guide is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of WatchGuard Technologies, Inc.

Guide revised: 1/17/2018

Copyright, Trademark, and Patent Information

Copyright 1998-2018 WatchGuard Technologies, Inc. All rights reserved. All trademarks or trade names mentioned herein, if any, are the property of their respective owners. Complete copyright, trademark, patent, and licensing information can be found in the Copyright and Licensing Guide, available online at http://www.watchguard.com/wgrd-help/documentation/overview.

About WatchGuard

WatchGuard Technologies, Inc. is a global leader in network security, providing best-in-class Unified Threat Management, Next Generation Firewall, secure Wi-Fi, and network intelligence products and services to more than 75,000 customers worldwide. The company's mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for Distributed Enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com.