McAfee HISCDE-AB-IA Product Guide - Page 15
Host IPS Event Info Hidden, Read, Firewall Outbound Learn Mode Status
View all McAfee HISCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 15 highlights
Managing Your Protection Information management • Blocked Attackers • Client Version • Content Version • Firewall Adaptive Mode Status • Firewall Fault (Errors) • Firewall Inbound Learn Mode Status • Firewall Outbound Learn Mode Status • Firewall Rule Count • Firewall Status • Host IPS Fault (Errors) • Host IPS Status • Install Directory • Language • Local Exception Rule Count • Network IPS Status • Pending Reboot • Plug-in Version • Product Status • Service Running • Hotfix/Patch Version • Product Version • Service Pack • Host IPS Event Info (Hidden, Read) • Signature Name Pre-defined queries In addition to custom queries, you can use several pre-defined queries as is, or edit them to obtain just the information you need. Select from these Host IPS predefined queries: HIP Query Summary Client Rules By Process Displays firewall client rules listed by process. Client Rules By Process/Port Displays firewall client rules listed by process and port range. Range Client Rules By Process/User Displays firewall client rules listed by process and user. Client Rules By Protocol/System Name Displays firewall client rules listed by protocol and system name. Client Rules By Protocol/Port Displays firewall client rules listed by protocol and port range. Range Client Rules by Protocol/Process Displays firewall client rules listed by protocol and process. Client Versions Displays top three client versions with a single category for all other versions. Clients Pending Restart Displays managed systems where Host IPS is deployed and the installer needs to restart the system. Content Versions Displays top three content versions with a single category for all other versions. Count of FW Client Rules Displays the number of Firewall client rules created over time. Count of IPS Client Rules Displays the number of IPS client rules created over time. Desktop High Triggered Signatures Displays the top 10 most triggered IPS signatures of High Severity (Critical). Desktop Medium Triggered Signatures Displays the top 10 most triggered IPS signatures of Medium Severity (Warning). Desktop Low Triggered Signatures Displays the top 10 most triggered IPS signatures of Low Severity (Notice). Events From Host IPS Trusted Displays events generated by systems within Host IPS trusted networks. Networks McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5 15