Filter
Top Products
30
McAfee
®
Host Intrusion Prevention 6.1 Product Guide Using ePolicy Orchestrator
Host Intrusion Prevention operations
3
Some Firewall feature policies require an ActiveX control. In opening one of these
policies, you may be asked to run the control that is needed to display the policy
content. If this alert appears, click
Yes to display the details of the policy.
Fine-tuning
After you install the Host Intrusion Prevention software, McAfee recommends that you
configure it to provide the greatest amount of security while not conflicting with
day-to-day activities. The default policies in Host Intrusion Prevention fit the broadest
set of customer environments and may meet your needs. To fine-tune policies to fit
your particular setting, we recommend the following practices:
Carefully define your Host Intrusion Prevention security configuration. Evaluate who
is responsible for configuring particular parts of the system and grant them
appropriate access.
Change the default IPS Protection or Firewall Rules policies, which provide
increasing levels of preset protection.
Modify severity levels of specific signatures. For example, when a signature is
triggered by day-to-day work of users, adjust the severity level to a lower level. For
more information, refer to Configuring the IPS Protection policy on page 38.
Configure notifications, which alert specific individuals when particular events
occur. For example, a notification can be sent when an activity that triggers a High
severity event occurs on a particular server. For more information, refer to Setting
up notifications for events on page 123.
Figure 3-5 Active X control security warning