
is always suspicious activity. If you see this dialog box, immediately investigate the application
that sent the spoofed traffic.
NOTE: The Spoof Detected Alert dialog box appears only if you select the Display pop-up
alert option. If you do not select this option, Host Intrusion Prevention automatically blocks
the spoofed traffic without notifying you.
The Spoof Detected Alert dialog box is very similar to the firewall feature’s Learn Mode
alert. It displays information about the intercepted traffic on two tabs — the Application
Information tab, and the Connection Information tab.
The Application Information tab displays:
• The IP address that the traffic pretends to come from.
• Information about the program that generated the spoofed traffic.
• The time and date when Host Intrusion Prevention intercepted the traffic.
The Connection Information tab provides further networking information. In particular,
Local Address shows the IP address that the application is pretending to have, while Remote
Address shows your actual IP address.
When Host Intrusion Prevention detects spoofed network traffic, it tries to block both the traffic
and the application that generated it. It does this by adding a new rule to the end of the firewall
rule list. This Block spoofing attacker rule specifically blocks all traffic created by the suspicious
application, unless another rule in the rule list overrides it.
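The effect of appending the Block spoofing attacker rule to the end of the list, as an added example (not code from the product or this guide): a Python model that lists the earlier allow rules that would override the new block rule. It assumes top-down, first-match rule evaluation and rules that match only on the application; every rule name other than Block spoofing attacker, and every file path, is constructed.

```python
from dataclasses import dataclass
from typing import List, Optional

BLOCK_NAME = "Block spoofing attacker"  # rule name taken from the guide

@dataclass(frozen=True)
class Rule:
    name: str
    action: str        # "allow" or "block"
    application: str   # executable path, or "*" for any application

def matches(rule: Rule, application: str) -> bool:
    return rule.application in ("*", application)

def append_spoof_block(rules: List[Rule], application: str) -> List[Rule]:
    """Model the client's response: the block rule goes at the END of the list."""
    return rules + [Rule(BLOCK_NAME, "block", application)]

def effective_rule(rules: List[Rule], application: str) -> Optional[Rule]:
    """Assumed evaluation order: the first matching rule from the top wins."""
    for rule in rules:
        if matches(rule, application):
            return rule
    return None

def overriding_rules(rules: List[Rule], application: str) -> List[Rule]:
    """Allow rules above the appended block rule that match the same application."""
    found = []
    for rule in rules:
        if rule.name == BLOCK_NAME and rule.application == application:
            break  # anything below the block rule cannot override it
        if rule.action == "allow" and matches(rule, application):
            found.append(rule)
    return found

# Constructed sample rule list and suspect application path.
SAMPLE_RULES = [
    Rule("Allow DNS client", "allow", r"C:\Windows\System32\svchost.exe"),
    Rule("Allow all outbound (learned)", "allow", "*"),
]
SUSPECT = r"C:\Temp\sender.exe"

if __name__ == "__main__":
    rules = append_spoof_block(SAMPLE_RULES, SUSPECT)
    print("effective rule:", effective_rule(rules, SUSPECT).name)
    for rule in overriding_rules(rules, SUSPECT):
        print("overrides the block rule:", rule.name)
```

A non-empty result from `overriding_rules` means the application that sent the spoofed traffic is still allowed, so the broader rule above the block rule needs review.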
About the IPS Policy tab
Use the IPS Policy tab to configure the IPS feature, which protects against host intrusion attacks
based on signature and behavioral rules. From this tab you can enable or disable functionality
and configure client exception rules. For more details on IPS policies, see the section on
Configuring IPS policies.
The IPS Policy tab displays exception rules relevant to the client and provides summary and detailed
information for each rule.
This column...    Displays
Exception         The name of the exception.
Signature         The name of the signature against which the exception is created.
Application       The application that this rule applies to, including the program name and executable file name.
Customizing IPS Policy options
Options at the top of the tab control settings delivered by the server-side IPS policies after the
client interface is unlocked. Use this task to customize IPS options.
Task
1 In the Host IPS client console, click the IPS Policy tab.
2 Select or deselect an option as needed.
Select...          To do this...
Enable Host IPS    Enable host intrusion prevention protection.
Working with Host Intrusion Prevention Clients
Overview of the Windows client
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0