Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Managing Your Protection<br />
Management of a <strong>Host</strong> IPS deployment includes monitoring, analyzing, and reacting to activities;<br />
changing and updating policies; and per<strong>for</strong>ming system tasks.<br />
Contents<br />
Management of in<strong>for</strong>mation<br />
Management of policies<br />
Management of systems<br />
Management of in<strong>for</strong>mation<br />
After you have installed <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> you can track and report on security issues<br />
that arise in your environment. Use the dashboards to get a daily view of the security situation<br />
or run queries <strong>for</strong> detailed in<strong>for</strong>mation on particular issues.<br />
<strong>Host</strong> IPS activities and dashboards<br />
Dashboards, a collection of monitors, are an essential tool <strong>for</strong> managing your environment.<br />
Monitors can be anything from a chart-based query to a small web-application, like the MyAvert<br />
Threat Service. You can create and edit multiple dashboards, provided you have the permissions.<br />
Use any chart-based query as a dashboard that refreshes at a specified frequency, so you can<br />
put your most useful queries on a live dashboard.<br />
<strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> provides a default dashboard with these monitors:<br />
• Firewall Status<br />
• <strong>Host</strong> IPS Status<br />
• Service Status<br />
• Count of IPS Client Rules<br />
• Content Versions<br />
• Top 10 NIPS Events by Source IP<br />
For more in<strong>for</strong>mation about creating and using dashboards, refer to the ePolicy Orchestator<br />
<strong>4.0</strong> documentation.<br />
Queries <strong>for</strong> <strong>Host</strong> IPS activities<br />
<strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> includes query functionality through ePolicy Orchestrator. You can<br />
create useful queries from events and properties stored in the <strong>ePO</strong> database or use predefined<br />
queries.<br />
<strong>McAfee</strong> <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> 7.0 <strong>Product</strong> <strong>Guide</strong> <strong>for</strong> use with ePolicy Orchestrator <strong>4.0</strong><br />
13