Filter
Top Products
26
McAfee
®
Host Intrusion Prevention 6.1 Product Guide Using ePolicy Orchestrator
Host Intrusion Prevention operations
3
Assigning owners to policies
All policies for Host Intrusion Prevention to which you have permissions are available
from the
Policy Catalog page. To prevent any user from modifying other users’ policies,
each policy is assigned an owner: the global or site administrator who created it.
Only a policy’s creator or a global administrator can modify or delete a policy. Any
administrator can apply any policy in the
Policy Catalog page, but only the owner or global
administrator can modify it.
Generating notifications
E-mail, pager, and SNMP trap notifications can alert you to any events that occur on
Host Intrusion Prevention clients or the server itself. You can configure rules to send
messages, SNMP traps, or run external commands when specific Host Intrusion
Prevention events are received and processed by the ePolicy Orchestrator server. The
highly configurable notification feature enables you to specify the event categories that
generate a notification message and the frequencies with which notifications are sent.
Generating reports
The Host Intrusion Prevention clients on the client systems send information to the
server, which is stored in a reports database. It is against this stored information that
you run reports and queries. There are eight pre-defined reports that fall into two main
categories: IPS reports and firewall reports. For additional information, see Running
reports on page 125.
Host Intrusion Prevention operations
A brief overview of all aspects of using Host Intrusion Prevention that are specific to
the product follow. Details in using these features are found in this document.
Installing the Host Intrusion Prevention server
You must install the management server before you can deploy clients. For detailed
instructions, refer to the Host Intrusion Prevention Installation Guide.
Tip
If you assign a policy that you do not own to segments of the Directory, be aware that
if the policy owner modifies it, all nodes to which this policy is assigned receive these
modifications. To use a policy owned by a different administrator, duplicate the policy,
and then assign the duplicate to the node.