McAfee TEECDE-AA-AA Evaluator Guide

McAfee TEECDE-AA-AA - Total Protection For Endpoint Manual

Get McAfee TEECDE-AA-AA - Total Protection For Endpoint PDF manuals and user guides View all McAfee TEECDE-AA-AA manuals
Add to My Manuals
Save this manual to your list of manuals

McAfee TEECDE-AA-AA manual content summary:

  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 1
    McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 2
    without the written permission of McAfee, Inc., or its MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 3
    requirements 7 Database requirements 8 Operating systems language support 10 Setting up McAfee Total Protection for Endpoint suite 11 Logging 16 Setting Policies for Endpoints 18 Setting Policies for Email Servers 26 Set Tasks for Endpoints 32 Deploy the McAfee Agent 35 Using Dashboards and
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 4
    McAfee security for endpoints, email, web, and data. Compared to purchasing and maintaining multiple security components from multiple vendors, McAfee their respective product guides. Full product documentation is available on the McAfee KnowledgeBase. Under Self Service, click Product Documentation
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 5
    Agent is the client-side framework that supports the McAfee security management infrastructure. It provides secure communication between point-products and ePolicy Orchestrator, and local services to point-products. As a framework, the McAfee Agent enables point-products to focus on enforcing their
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 6
    data from being disclosed by employees. Anti-Spam integrates with McAfee GroupShield and McAfee Security for Lotus Domino to reduce resource usage on your , you will use ePolicy Orchestrator and the McAfee Agent to handle the deployment and updates. McAfee recommends that you use the workflow in the
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 7
    . IP address - McAfee recommends using static IP addresses for ePO servers. Server-class operating system - 32bit or 64bit • Windows Server 2003 Enterprise with Service Pack 2 or later • Windows Server 2003 Standard with Service Pack 2 or later • Windows Server 2003 Web with Service Pack 2 or later
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 8
    can be installed. Any of the following databases, if previously installed, meets this requirement. • SQL Server 2005 • SQL Server 2005 Express • SQL Server 2008 • SQL Server 2008 Express NOTE: SQL Server 2000 is not supported. 8 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 9
    . Database installation documented in this Guide The only database installation scenario described on a different server from the ePolicy Orchestrator, manual installation is required on the remote servers. SQL McAfee recommends making specific maintenance settings to ePO databases. For instructions
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 10
    upgrade scenarios. Operating systems language support This version of the ePolicy Orchestrator runs on any supported operating system irrespective of the language (Standard) • German (Standard) • Japanese • Korean • Russian • Spanish 10 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 11
    Total Protection for Endpoint suite This section guides you to install the McAfee Total Protection for Endpoint suite with the default options. The McAfee Total Protection for Endpoint suite installer will setup the ePO server and check-in the endpoint softwares to the ePO repository in one go
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 12
    Wizard Complete page appears with the following options, enabled by default: • Select Yes, I want to view the ReadMe file to view the Readme. • Select Yes, I want to launch McAfee ePolicy Orchestrator now to launch the ePolicy Orchestrator user interface. NOTE: During installation, you may be
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 13
    box appears. NOTE: You can also double-click the Launch McAfee ePolicy Orchestrator 4.5 console icon on the desktop to launch ePolicy Password of a valid account, created in Step 7 under the "Setting up McAfee Total Protection for Endpoint suite" section. NOTE: Passwords are case-sensitive.
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 14
    VirusScan Enterprise, and non-McAfee products from McAfee partners. Packages are components that are checked in to the master repository, then deployed to client systems. For information about extensions and packages, see these topics in the ePolicy Orchestrator Product Guide: • Extensions and what
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 15
    to two or three hours. TIP: McAfee recommends checking for updates several times each the status of the McAfee Pull task. Use this task to verify that the Update Master Repository task has finished pulling updates from the McAfee site. Task 1 Click Menu | Automation | Server Task
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 16
    several methods of organizing and populating the System Tree: • Manually structure your System Tree by creating your own groups and adding individual systems. • Synchronize with Active Directory or that System Tree sorting is disabled. 16 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 17
    Product Guide. In this exercise, you will create a system sorting rule rule, or run it manually. Task Use this task to create a sorting rule based on the default tags. 1 Click Menu | Systems | System Tree, then click Group Details on the menu bar. 2 Highlight Test Group. 3 At the top of the Group
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 18
    that lists McAfee Default, click Duplicate. 4 For Name, type Remote Log Access, then click OK. 5 On the line that lists your new policy, click Edit Settings. 6 Click the Logging tab and select Enable remote access to log. 7 Click Save. 18 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 19
    Setting Policies for Endpoints ePolicy Orchestrator provides you with the option to access the McAfee Agent log on each system remotely. NOTE: To view the Agent Log on a remote system, using a web-browser type: http://:8081 (where 8081 is the default port for the Agent
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 20
    you can either disable the rule or modify its exclusions to Option 1: Turning OFF the Port block rule 1 Click Menu | Policy | 4 On the line that lists McAfee Default, click Duplicate. 5 For Categories under Access protection rules, select Anti-virus Standard McAfee Default, click Duplicate. 5 For Name
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 21
    rule actually being triggered and blocking traffic, you can create a policy that instructs VirusScan to log the event and not block. Follow steps 1-10 outlined in Option #1 above. Once the rule and click View Log. After you have created the desired policy, you will need to apply it to the group or
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 22
    3 From the Category drop-down menu, select Rating Actions. 4 On the line that lists McAfee Default, click Duplicate. 5 For Name, type Rating Actions Policy, then click OK. 6 For sites you have configured as Warn, type a warning message. 22 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 23
    click Assigned Policies on the menu bar. 2 Highlight Test Group. 3 Assign the McAfee Agent policy: • From the Product drop-down menu, select McAfee Agent. • On the line that lists My Default, Policy drop-down menu, select Audit for PUPs. McAfee Total Protection for Endpoint Lab Evaluation Guide 23
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 24
    AV Exclusions policy to the Servers group. Host Intrusion Prevention policies McAfee Host Intrusion Prevention provides three McAfee Host Intrusion Prevention: Best practices for quick success, available through your McAfee Support or Sales contacts. Use the following tasks to set firewall rules
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 25
    Group, then highlight the Workstations group. Rules policy. 7 Click Save. For more information about managing the Host Intrusion Prevention Firewall, review the Host Intrusion Prevention Product Guide. Links to Technical Briefs and other documentation are provided in the References section. McAfee
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 26
    , banned file types/messages, and supports content filtering within the email messages. • McAfee GroupShield® 7.0.1 for Microsoft Exchange - OK. 11 To create a new rule for the category, click Create New under Content Scanner Rules. 26 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 27
    Resource page. 18 Under Policy Manager rules and associated actions section, click Add rule. 25 From the Select rules group drop-down menu, select Content. The Select rules from this group Policy. 7 Click the View Settings tab. From the McAfee Total Protection for Endpoint Lab Evaluation Guide 27
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 28
    select Master Policy from the Policy drop-down menu. 7 Click the View Settings tab. From the Selection drop-down menu, select Anti-Phishing Assigned Policies on the menu bar. 2 Expand Test Group, and highlight Servers. 3 From the Product drop- McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 29
    the Shared Resource page. 18 In the Policy Catalog, 22 Select the View Settings tab. From rules and associated actions section, click Add rule. 26 From the Select rules group drop-down menu, select Content. The Select rules from this group McAfee Total Protection for Endpoint Lab Evaluation Guide 29
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 30
    Master Policy from the Policy drop-down menu. 7 Click the View Settings tab. From the Selection drop-down menu, select Anti-Phishing Expand Test Group, and highlight Servers. 3 From the Product drop-down menu, select McAfee Security for Lotus McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 31
    Email Servers 9 Click Actions | Agent | Wake Up Agents. 10 Under Wake Up McAfee Agent, set Randomization to zero minutes. 11 Click OK. NOTE: Actually, you may good introduction on configuring and applying policies for your email servers. McAfee Total Protection for Endpoint Lab Evaluation Guide 31
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 32
    section, you create a client task that deploys one or more products to a group of systems. This tasks assumes you checked in all the endpoint products during installation. +. • Select Host Intrusion Prevention 7.0.0.xxx, then click +. 32 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 33
    1 Click Menu | Systems | System Tree, then click Client Tasks on the menu bar. 2 Highlight Test Group, then click New Task. 3 For Name, type Daily Update. 4 For Type, select Product Update from Unwanted Program is Found drop down menu. McAfee Total Protection for Endpoint Lab Evaluation Guide 33
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 34
    , then click Next. 7 On the Summary page, click Save. Clients will retrieve the task instructions at their next communication with the server and then execute the task at the scheduled time. Later "Clean" is covered in the next section. 34 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 35
    this task to deploy the McAfee Agent to your client systems. 1 Click Menu | Systems | System Tree, then click Systems on the menu bar. 2 Highlight Test Group. If this group has no systems, but has you need to force a policy change sooner McAfee Total Protection for Endpoint Lab Evaluation Guide 35
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 36
    | System Tree, then click Systems on the menu bar. 2 Highlight your Servers or Workstations group. 3 If an IP address and user name are listed, the agent on the client system the Product drop-down menu, select VirusScan Enterprise 8.7.0. 36 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 37
    Deploy the McAfee Agent 3 Highlight Test Group. 4 To the right of Resetting the On-Access Scan policy Previously, you created a new policy that instructed the on-access scanner to detect PUPs but not clean them. Use this 6 Click Save. McAfee Total Protection for Endpoint Lab Evaluation Guide 37
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 38
    Deploy the McAfee Agent VirusScan will now clean any PUPs that you have not explicitly excluded. The next time client systems poll the server, they will download your configuration changes. 38 McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 39
    you can change the set of monitors rather than create a new dashboard. To view some information about VirusScan Enterprise and Potentially Unwanted Programs, you will duplicate, then Monitor. 12 From the Category list, select Queries. McAfee Total Protection for Endpoint Lab Evaluation Guide 39
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 40
    Top 10 Access Protection Rules Broken). When creating your own queries, consider the type of data you want to view, and how to McAfee Agent is deployed on all your test systems and to view the version number. 1 Click Menu | Reporting | Queries. 2 Expand Shared Groups and highlight McAfee Agent group
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 41
    Groups. Queries stored in a Private Group are only visible to the administrator, under whose login it was created. Those queries stored in a Shared Group are visible under all ePO administrative accounts, so they can be shared with others. McAfee Total Protection for Endpoint Lab Evaluation Guide
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 42
    run a task that updates the ePO master repository from the McAfee site. 3 Created a System Tree structure, and added test systems into groups. 4 Created and applied a new McAfee Agent policy, that enables remote access to the McAfee Agent Log on client computers. 5 Created and applied new policies
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 43
    Product Guide • Host Intrusion Prevention 7.0 Firewall Protocol Support • Host Intrusion Prevention 7.x Multi-Slot Policies and their Effective Policy • Host Intrusion Prevention Firewall: Connection-Aware Groups • Host Intrusion Prevention 7.x Adaptive Mode • Access Protection in McAfee VirusScan
  • McAfee TEECDE-AA-AA | Evaluator Guide - Page 44
    7.0.1 for Microsoft Exchange User Guide Addendum McAfee Security for Lotus Domino, v7.5 (Windows) • McAfee Security for Lotus Domino, v7.5 (Windows) - User Guide • McAfee Security for Lotus Domino, v7.5 (Windows) - Release Notes Support by Seeing Video tutorials View video tutorials that address
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
McAfee Total Protection for Endpoint
Lab Evaluation Guide