McAfee HISCDE-AB-IA Product Guide - Page 73
Configuring General Policies, Overview of General policies
View all McAfee HISCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 73 highlights
Configuring General Policies The General feature of Host Intrusion Prevention provides access to policies that are general in nature and not specific to either IPS or the firewall. Contents Overview of General policies Define client functionality Define trusted networks Define trusted applications Overview of General policies General policies work with both the IPS and firewall features and control client access and both trusted networks and applications. All policies and options apply to Windows operating systems. On non-Windows systems, only select policies and options apply. For details refer to Policy enforcement with the Solaris/Linux client under Working with Host IPS Clients. Available policies There are three General policies: Client UI - Determines which options are available for a Windows client computer, including whether the Host IPS client icon appears in the system tray, types of intrusion alerts, passwords for access to the client interface, and troubleshooting options. The password functionality is used for clients on both Windows and non-Windows platforms. Trusted Networks - Lists IP addresses and networks, including TrustedSource exceptions, that are safe for communication. Trusted networks can include individual IP addresses or ranges of IP addresses. Marking networks as trusted eliminates or reduces the need for network IPS exceptions and additional firewall rules. For Windows clients only. Trusted Applications - Lists applications that are safe and have no known vulnerabilities. Marking applications as trusted eliminates or reduces the need for IPS exceptions and additional firewall rules. Like the IPS Rules policy, this policy category can contain multiple policy instances. For clients on both Windows and non-Windows platforms. Settings for Trusted Networks and Trusted Applications policies can reduce or eliminate false positives, which aids in tuning a deployment. McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5 73