Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Index
McAfee Default policy (continued)
  Host Intrusion Prevention 9
McAfee recommendations
  contact McAfee support to disable HIPS engine 90
  duplicate a policy before assigning to a group 10
  for VPN connections, set quarantine rules 55
  group Host IPS clients logically 18
  group systems by Host IPS criteria 10
  phased Host IPS deployment 18
  tune Host IPS default policies 18
  use IPS Protection to stagger impact of events 11
monitored processes, viewing 97
My Default policy
  Application Blocking 70
  Application Blocking Rules 71
  Client UI 77
  Firewall Options 56
  Firewall Rules 57
  Host Intrusion Prevention 9
  Quarantine Options 64
  Trusted Applications 82
  Trusted Network 81
N
network adapters
  allowed types, stateful firewall 50
  conditions to allow connection 50
network intrusion prevention signatures 25
network layers and protocols, illustrated 45
network signatures 31
NIPS (network intrusion prevention signatures) 24, 96
notifications, Host IPS
  about 21
  configuring 18
  event categories 21
  rules and events 21
  supported product-specific categories 22
O
operating systems
  host and network IPS, signatures 24
  IPv6 and stateful functionality 45
out-of-the-box protection
  default Host IPS policies 16
  Host IPS basic 8
  preset Host IPS policies 11
P
packages
  Host IPS content updates 22
packet filtering and inspection 45, 46
passwords
  for Client UI policy 78
  unlocking the Windows client console 87
  using hipts troubleshooting tool 100
permission sets
  Host IPS permissions 20
  managing Host IPS deployment 20
  who configures the system 18
policies, Host IPS
  and their categories 9
  Application Blocking Options 70
  application blocking, customizing 96
  assigned owner 10
policies, Host IPS (continued)
  client rules, creating exceptions 11
  configuring IPS Options 27
  defaults, basic protection 8
  defined 9
  firewall (See firewall, Host IPS) 8
  Firewall Options 56, 57
  Firewall Rules 57, 59
  how policies are applied 10
  how policies are enforced 9
  intrusion prevention (IPS) 8
  managing 17
  overriding, with client exceptions 11
  overview of features 8
  ownership 8
  Policy Catalog 17
  preset protection 11
  Quarantine Options 55, 64
  Quarantine Options policy 92
  Quarantine Rules 65
  trusted applications 8
  tuning defaults 18
  usage profiles and tuning 11
  viewing policies 17
  where to find 17
policy assignment
  editing Application Blocking Options 70
  Host IPS and 10
  working with Firewall Options 56
Policy Catalog
  Application Blocking 70
  Application Blocking Options 70
  Application Blocking Rules 71
  Client UI 77
  custom firewall policies, creating 56, 57
  managing Host IPS policies 17
  ownership for Host IPS policies 8
  Quarantine Options 64
  Trusted Applications 82
  Trusted Network 81
  Trusted Networks 81
policy enforcement
  Host IPS and 9
  Host IPS clients and ePO 7
  Linux client and 102
  Solaris client and 99
policy management
  accessing Host IPS policies 17
  analyzing Host IPS events and client rules 16
  Host IPS extension file 9
  Linux client and 102
  Policies tab, Host IPS 17
  tracking Host IPS policies 10
  tuning Host IPS 10, 11, 16
ports
  blocked traffic and firewall rules 54
  connections and firewall alerts 91
  firewall and state table entries 47
  FTP connections and stateful packet inspection 49
precedence
  firewall rules list 47
  General policies, Host IPS and 76
  Network IPS and IP addresses 81
  Trusted Networks policy 81
preconfigured policies
  Application Blocking 70
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0