Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Configuring General Policies<br />
Working with Client UI policies<br />
User type<br />
Regular<br />
Disconnected<br />
Administrator<br />
Functionality<br />
The average user who has the <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> client installed on a desktop or<br />
laptop. The Client UI policy enables this user to:<br />
• View the <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> client icon in the system tray and launch the client<br />
user interface.<br />
• Get pop-up intrusion alerts or prevent them.<br />
• Create additional IPS, firewall, and application blocking rules.<br />
The user, perhaps with a laptop, who is disconnected from the <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong><br />
server <strong>for</strong> a period of time. The user might have technical problems with <strong>Host</strong> <strong>Intrusion</strong><br />
<strong>Prevention</strong> or need to per<strong>for</strong>m operations without interaction with it. The Client UI policy<br />
enables this user to obtain a time-based password to per<strong>for</strong>m administrative tasks, or to<br />
turn protection features on or off.<br />
An IT administrator <strong>for</strong> all computers who needs to per<strong>for</strong>m special operations on a client<br />
computer, overriding any administrator-mandated policies. The Client UI policy enables<br />
this user to obtain a non-expiring administrator password to per<strong>for</strong>m administrative tasks.<br />
Administrative tasks <strong>for</strong> both disconnected and administrator users include:<br />
• Enabling or disabling IPS, Firewall, and Application Blocking Options policies.<br />
• Creating additional IPS, Firewall, and Application Blocking rules if certain legitimate<br />
activity is blocked.<br />
NOTE: Administrative policy changes made from the ePolicy Orchestrator console will be<br />
en<strong>for</strong>ced only after the password expires. Client rules created during this time are retained<br />
if allowed by administrative rules.<br />
The Client UI policy contains a preconfigured policy and an editable My Default policy. You<br />
can view and duplicate the preconfigured policy; you can, create, edit, rename, duplicate, delete,<br />
and export editable custom policies.<br />
On the Policy Catalog policy list page, click New Policy to create a new custom policy; click<br />
Duplicate under Actions to create a new custom policy based on an existing policy.<br />
Change the policy’s assignment on the Policy Assignment page. For a group, go to Systems<br />
| System Tree, select a group, and then on the Policies tab click Edit Assignment.. For a<br />
system go to Systems | System Tree, select a group that contains the system, and then on<br />
the System tab, select the system and select More Actions | Modify Policies on a Single<br />
System.<br />
Tasks<br />
Configuring a Client UI policy<br />
Configuring Client UI passwords<br />
Configuring Client UI tray icon control<br />
Configuring Client UI troubleshooting<br />
Configuring a Client UI policy<br />
Use this task to determine what options are available to a Windows client computer. These<br />
include icon display settings, intrusion event reactions, and administrator and client user access.<br />
For non-Windows clients, only the password feature is available.<br />
Task<br />
For option definitions, click ? on the page displaying the options.<br />
<strong>McAfee</strong> <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> 7.0 <strong>Product</strong> <strong>Guide</strong> <strong>for</strong> use with ePolicy Orchestrator <strong>4.0</strong><br />
77