McAfee HISCDE-AB-IA Product Guide - Page 18
Creating a new policy, Changing policy assignment, Default protection and tuning
View all McAfee HISCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 18 highlights
Managing Your Protection Policy management Creating a new policy To create a new policy, you copy of an existing one and name the new copy. You can do this either in the Policy Catalog or from a Policy page. Task For option definitions, click ? in the interface. • Do one of the following from the Policy Catalog: • Click the New Policy button. Select the policy you want to make a copy of, type the name of the new policy, and click OK. • Click the Duplicate link for a policy. Type the name of the new policy, and click OK. • Click the View or Edit link for a policy, then on the Policy page, click the Duplicate button. Type the name of the new policy, and click OK. The duplicated policy appears. Edit the policy and click Save. Changing policy assignment Use this task to change the Host Intrusion Prevention policy assignment for a group or a single system in the ePolicy Orchestrator System Tree. Task For option definitions, click ? in the interface. • Do one of the following: • For a group, go to Systems | System Tree, select a group, and then on the Assigned Policies tab click Edit Assignment. • For a system go to Systems | System Tree, select a group that contains the system, and then on the System tab, select the system and select Actions | Agents | Modify Policies on a Single System. Default protection and tuning Host Intrusion Prevention works with default policies for basic protection. It allows greater protection through custom settings obtained through manual or automatic tuning. Default protection Host Intrusion Prevention ships with a set of default policies that provide basic protection for your environment. Both IPS and firewall protection are off by default and must enabled to allow default rules policies to be enforced. For advanced protection, switch from the default IPS policies to stronger preset policies, or create custom policies. Start with a sample deployment to monitor and tune the new settings. Tuning involves balancing intrusion prevention protection and access to required information and applications per group type. Manual tuning Manual tuning requires direct monitoring for a set period of time of events and client rules that are created. 18 McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5