Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Index
A
activity logs, Host IPS
  customizing options 98
  deleting entries 98
  firewall logging options 90
  IPS logging options 89
  viewing 98
  working with Activity Log tab 98
adaptive mode
  about 11
  analyzing client rules 74
  application blocking and 70
  application blocking client rules 69
  automatic tuning 17
  client rules, application blocking 74
  exception rules and 26
  Firewall Options policies 56
  firewall rules 54
  Firewall Rules policies 57
  IPS Options policy 27
  placing Host IPS clients in 19, 27
  Quarantine Rules policies 65
  stateful filtering 55
alerts, Host IPS
  application blocking 92
  firewall 91
  intrusion alerts 90
  learn mode and unknown network traffic 54
  quarantine alerts 92
  responding to 90, 91, 92
  setting options for clients 87
  spoof detected 92
  Windows clients 90
allow and block actions
  application blocking 69
  network communications, Firewall Policy 94
  stateful firewall filtering 48
application blocking
  about 9
  alerts 92
  client rules 14, 69, 74
  configuring 70
  configuring policy rules 95
  creation options 96
  custom queries 14
  customizing policy options 96
  hooking options 96
  how it works 69
  overview 69
  permissions for 20
  policy rules, working with 71
  rules list, viewing 96
  rules, creating and editing 73
Application Blocking Options policy
  about 9
  configuring 70
  working with 70
Application Blocking Rules policy
  about 9
  configuring 72
  turning on and off 70
  working with 71
application protection rules
  configuring 37
  controlling which programs run 69
  creating 37
  IPS Rules policy 30, 37
  overview 35
  processes, allowed or blocked 35
  working with 35
B
behavioral rules
  defining legitimate Host IPS activity 25
Blocked Hosts tab, working with 96
buffer overflow
  configuring Trusted Applications policy 82
  IPS behavioral rules and 25
  preventing on Solaris client 99
C
CAG (See connection-aware groups) 52
client rules
  application hooking and creation 69
  creating exceptions 26
  Firewall, managing 62
  firewall, overview 55
  Host IPS queries and 14
  IPS Rules policy 30
  IPS Rules policy, overview 43
Client UI policy
  about 9
  configuring 76, 77
  options 87
  passwords 78
  tray icon control, configuring 79
  troubleshooting 80, 100
  working with 76
clients
  analyzing data on Host IPS clients 19
  error reporting 88
  Linux (See Linux client) 102
  naming conventions for Host IPS 18
  Quarantine Options policy 55
  queries for groups of 13
  Solaris (See Solaris client) 99
  troubleshooting installation issues 100
  tuning Host IPS 19
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0