McAfee UTILITIES 4.0 Uživatelská příručka Strana 69
- Strana / 112
- Tabulka s obsahem
- KNIHY
Hodnocené. / 5. Na základě hodnocení zákazníků
Configuring Application Blocking Policies
The Application Blocking feature of Host Intrusion Prevention manages a set of applications
that you allow to run (known as application creation) or bind (known as application hooking)
with other applications.
Contents
Overview of Application Blocking policies
Working with Application Blocking policies
Working with Application Blocking Rules policies
Overview of Application Blocking policies
The Application Blocking feature monitors applications being used and allows or blocks them.
Host Intrusion Prevention offers two types of application blocking:
• Application creation
• Application hooking
When Host Intrusion Prevention monitors application
creation
, it looks for programs that are
trying to run. In most cases, there is no problem; but some viruses, for example, try to run
programs that harm a system. You can prevent this by creating application rules, similar to
firewall rules, which only allow programs to run that are permitted.
When Host Intrusion Prevention monitors application
hooking
, it looks for programs that are
trying to bind or “hook” themselves to other applications. Sometimes this behavior is harmless,
but sometimes this is suspicious behavior that can indicate a virus or other attack on your
system.
You can configure Host Intrusion Prevention to monitor only application creation, only application
hooking, or both.
With Application Blocking, create a list of application rules, one rule for each application you
want to allow or block. Each time Host Intrusion Prevention detects an application trying to
start or hook to another application, it checks its application rule list to determine whether to
allow or block the application.
Application Blocking client rules
Clients in adaptive or learn mode can create client rules to allow blocked application creation
or hooking. You can view these rules in a filtered or aggregated view to analyze them to create
create new policies or add them to existing policies.
69McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0
- Product Guide 1
- Basic protection 8
- Advanced protection 8
- IPS policies 8
- Firewall policies 8
- Policy management 9
- Policy tracking and tuning 10
- Preset protection 11
- Adaptive and learn mode 11
- Dashboards and queries 12
- Managing Your Protection 13
- Management of policies 16
- Where to find policies 17
- Configuring polices 18
- Automatic tuning with clients 19
- Management of systems 20
- Host IPS server tasks 21
- Host IPS protection updates 22
- Checking in update packages 23
- Updating clients with content 23
- Configuring IPS Policies 24
- Behavioral rules 25
- Reactions 26
- Exception rules 26
- Working with IPS signatures 30
- Creating signatures 33
- Creating exception rules 39
- Working with IPS events 40
- Managing IPS events 41
- Managing IPS client rules 43
- Configuring Firewall Policies 45
- Stateful packet filtering 46
- Stateful packet inspection 46
- State table 47
- State table functionality 47
- How firewall rules work 47
- How stateful filtering works 48
- Stateful protocol tracking 49
- Overview of Firewall policies 51
- Firewall client rules 55
- Quarantine policies and rules 55
- 4 Click Save to save changes 60
- Creating firewall rule groups 61
- Configuring General Policies 76
- Unlocking the Windows client 78
- Working with Host Intrusion 81
- Prevention Clients 81
- Creating 85
- System tray icon 86
- Setting client UI options 87
- Client error reporting 88
- Windows client alerts 90
- Responding to Firewall alerts 91
- About the IPS Policy tab 93
- About the Firewall Policy tab 94
- About the Blocked Hosts tab 96
- About the Activity Log tab 98
- Solaris client issues 100
- Client installation issues 100
- Client operations issues 100
- Stopping the Solaris client 101
- Overview of the Linux client 102
- Notes about the Linux client 103
- Linux client issues 103
- Stopping the Linux client 105
- Restarting the Linux client 105
- (continued) 107
Související produkty a manuály pro Software McAfee UTILITIES 4.0
Software McAfee QUICKCLEAN 3.0 Uživatelská příručka
(41 stránky)
(41 stránky)
Software McAfee UNINSTALLER 6.0 Uživatelská příručka
(99 stránky)
(99 stránky)
Software McAfee QUICKCLEAN 1.0 Instalační příručka
(29 stránky)
(29 stránky)
Software McAfee QUICKCLEAN 1.0 Uživatelská příručka
(41 stránky)
(41 stránky)
Software McAfee UTILITIES 4.0 Uživatelský manuál
(11 stránky)
(11 stránky)
Software McAfee QUICKCLEAN 1.0 Uživatelský manuál
(22 stránky)
(22 stránky)
Software McAfee GUARD DOG 2 Uživatelská příručka
(128 stránky)
(128 stránky)
© 2020, manymanuals.cz. Všechna práva vyhrazena. | 0.059 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce