Filter
Top Products
19
McAfee
®
Host Intrusion Prevention 6.1 Installation/Configuration Guide Basic Concepts
Policy management
2
Policy management
A policy is a collection of Host Intrusion Prevention settings that you configure through
the ePolicy Orchestrator console, then enforce on Host Intrusion Prevention clients.
Policies allow you to ensure that the security software on managed systems is
configured to meet the needs of your environment.
The ePolicy Orchestrator console allows you to configure Host Intrusion Prevention
policies from a central location. Policies are a part of the Host Intrusion Prevention NAP
file added to the master repository when you installed Host Intrusion Prevention.
Policy enforcement
When you change Host Intrusion Prevention policies in the ePolicy Orchestrator
console, the changes take effect on the managed systems at the next agent-to-server
communication interval (ASCI). This interval is set to occur once every 60 minutes by
default.
Host Intrusion Prevention policies can be enforced immediately by running a wake-up
call from the ePolicy Orchestrator console.
Policies and policy categories
Policy information for each product is grouped by category. Each policy category refers
to a specific subset of policies. In the
Policy Catalog, a product’s policy categories are
displayed when you expand the product name.
A named policy is a configured set of policy definitions for a specific policy category.
You can create, modify, or delete as many named policies as needed for each policy
category. In the
Policy Catalog, named policies for a specific category are displayed when
you expand the category name.
Each policy category has a
Global Default named policy. You cannot edit or delete this
policy.
Figure 2-1 Policy Catalog