Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Introducing <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> 7.0<br />
Policy tracking and tuning<br />
You can reduce the number of false positives by creating exception rules, trusted applications,<br />
and firewall rules.<br />
• Exception rules are mechanisms <strong>for</strong> overriding a security policy in specific circumstances.<br />
• Trusted applications are application processes that ignore all IPS, Firewall, or Application<br />
Blocking rules.<br />
• Firewall rules determine whether traffic is permissible, and block packet reception or allow<br />
or block packet transmission.<br />
Dashboards and queries<br />
Dashboards enable you to track your environment by displaying several queries at once. These<br />
queries can be constantly refreshed or run at a specified frequency.<br />
Queries enable you to obtain data about a particular item and filter the data <strong>for</strong> specific subsets<br />
of that data, <strong>for</strong> example high-level events reported by particular clients <strong>for</strong> a specified time<br />
period. Reports can be scheduled and sent as an email message.<br />
12<br />
<strong>McAfee</strong> <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> 7.0 <strong>Product</strong> <strong>Guide</strong> <strong>for</strong> use with ePolicy Orchestrator <strong>4.0</strong>