McAfee HISCDE-AB-IA Product Guide - Page 150
McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5
View all McAfee HISCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 150 highlights
Index custom signatures (continued) Linux, UNIX_file (Files) 127 Linux, UNIX_misc 131 optional sections 104 overview for Linux and Solaris 127 overview for Windows 107 rule structure 101 section value variables 104 Solaris 127 Solaris, UNIX_apache (HTTP) 130 Solaris, UNIX_bo 132 Solaris, UNIX_file (Files) 127 Solaris, UNIX_GUID 133 Solaris, UNIX_map 133 Solaris, UNIX_misc 131 wildcards 104 Windows, Buffer Overflow 107 Windows, directives per platform 123 Windows, Files 108 Windows, Hook 111 Windows, Illegal 113 Windows, Illegal API Use 112 Windows, Isapi 113 Windows, Program 116 Windows, Registry 117 Windows, Services 120 Windows, SQL 122 D dashboards default Host IPS monitors 12 managing information in Host IPS 12 queries and Host Intrusion Prevention 10 viewing compliance and Host IPS issues 17 deployment Host IPS policies and 10 initial Host IPS client rollout 19 server tasks for Host IPS 23 usage profiles in Host IPS 10 DNS blocking rules creating and editing 70 E effective policy with multiple-instance policies 38 enveloping and shielding 30 events, Host IPS automatic responses 26 analyzing and tuning 10 automatic responses 26 behavioral rules 32 exceptions 32 firewall, activity logs 93 intrusion alerts, responding to 86 IPS Rules policy 36 logging and IPS Events tab 33 managing 48 signature violations 33 working with 47 exception rules about 32 aggregation and client rules 50 automatic tuning 20 configuring IPS Rules policy 46 Create Exception 86 exception rules (continued) creating 47 creating, based on an event 47 defined 10 editing IPS policies 89 events and 47 IPS Rules policy 36, 46 list, Windows client and 88 working with 46 F false positives exceptions and IPS Rules policy 46 Trusted Applications policy, reducing 78 tuning Host IPS policies 10 FAQ adaptive mode 21 multiple-instance policies 38 filters Host IPS events and queries 10 how firewall stateful filtering works 60 querying Host IPS activities 13 Firewall DNS Blocking policy about 8 define 67 overview 52 Firewall Options policy TrustedSource 66 about 8 configuring 65 overview 52 working with 64 Firewall policies, Host IPS feature overview 52 firewall protection disable 64 enable 64 firewall rules creating and editing 69 Firewall Rules policy wildcards 72 about 8 client rules, managing 71 configuring 68 define 67 groups, creating 69 overview 52 firewall, Host IPS stateful packet inspection 59, 61 about 8 actions, allow and block 60 alerts 87 client rules 13, 64 customizing options 90 DNS blocking rules 70 Firewall Options, configuring 65 firewall rule groups, creating 69 firewall rules 10, 67, 69 firewall rules list, ordering 53 Firewall Rules, configuring 68 how firewall rules work 53 learn and adaptive modes 63 list of rules 68, 89, 90 location-aware groups 70 logging options 85 150 McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5