McAfee VIRUSSCAN ENTERPRISE User's Guide Page 7
- Page / 166
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
How this guide is organized
This document is meant as a reference to use along with the VirusScan Console and ePolicy
Orchestrator user interfaces. It also describes, in order, how you should approach protecting
your system from malware using VirusScan Enterprise. To describe that process, this document
is separated into four major parts, plus an appendix:
• Part I — Prevention: Avoiding Threats — The best way to protect your system is to
keep any malware from ever gaining access to your system. This part of the document
describes the following:
• Protecting your systems' access points, memory from overflow errors, and unwanted
programs.
• Detection definitions and how they are used to protect your system and the importance
of updating these definitions on a regular basis.
• Excluding files, folders, and disks from scanning.
• Using scheduled task to periodically scan your system and update the files used by
VirusScan Enterprise.
• Part II — Detecting: Finding Threats — Files that are opened or copied from other file
systems or the Internet might provide access to your system. Also, application programming
interface (API) calls and scripts can pose a threat to your system. These threats are found
during the following VirusScan Enterprise scan processes:
• On-access scanning — Scans a file for malware when the file is read or written to disk,
it also protects boot sectors, scans memory of processes already running, detects cookies,
and protects against unwanted programs.
• On-demand scanning — Scans the entire system for threats on a scheduled basis or as
needed when started from the VirusScan Console.
• Email on-delivery and on-demand scanning — Protects against malware arriving through
email in Microsoft Outlook and Lotus Notes.
• Buffer overflow protection — Analyzes API calls made by certain processes, to confirm
they do not attempt to overwrite adjacent data in the memory buffer.
• ScriptScan — Finds threats from browsers or other applications accessed that use the
Windows Script Host.
• Part III — Response: Handling Threats — VirusScan Enterprise can be configured to
perform any of the following steps, when a threat is found:
• Deny Access to the threat or take no further action.
• Delete or Clean the threat. When either of these actions is taken a copy of the original
file is stored in the Quarantine folder.
NOTE: For any detection, you can configure VirusScan Enterprise to notify the user or not.
• Part IV — Monitoring, Analyzing, and Fine-Tuning Your Protection — Once your
protection is up and running, you should monitor your system using ePolicy Orchestrator
queries and reports. Then you could decide to make changes to your security settings in
order to increase or reduce the amount of system protection. Alternatively, you might also
use VirusScan Console logs and Simple Network Management Protocol (SNMP) traps to
monitor your systems.
• Appendix — Describes some additional features you should be aware of when using
VirusScan Enterprise. For example, VirusScan Enterprise command-line options, connecting
to remote systems through VirusScan Enterprise, and more.
Preface
How this guide is organized
7McAfee VirusScan Enterprise 8.8 Product Guide
- Product Guide 1
- Contents 3
- Audience 6
- Conventions 6
- How this guide is organized 7
- Finding product documentation 8
- Getting Started 10
- Using right-click features 14
- What to do first 17
- Quarantined items 18
- Access protection 19
- MyProgram.exe is not malware 20
- VirusScan Console 23
- Rule type descriptions 24
- Protection level descriptions 24
- Types of user-defined rules 25
- Port blocking rule options 31
- Removing user-defined rules 33
- Configuring unwanted programs 38
- DAT files and how they work 43
- Configuring the mirror task 46
- Framework 47
- Excluding scan items 48
- Using scheduled tasks 49
- Scheduling tasks 50
- Configuring the task schedule 50
- Scanning items on-access 51
- Enabling on-network drives 52
- How Artemis works 53
- Configuring general settings 54
- Configuring process settings 58
- Scanning items on-demand 62
- How scan deferral works 64
- How system utilization works 64
- Detections and responses 72
- Buffer overflow detections 73
- Unwanted program detections 73
- On-access scan detections 74
- On-demand scan detections 75
- Email scan detections 75
- Managing quarantined items 77
- Configuring alerts 78
- Access queries and dashboards 80
- Configuring emergency DATs 81
- Downloading a SuperDAT file 82
- Fine-Tuning Your Protection 84
- Running an example query 85
- Analyzing your protection 86
- Appendix 89
- SCAN32.EXE 91
- MCUPDATE.EXE 93
- MCUPDATE 93
- Connecting to remote systems 94
- Troubleshooting 95
- REINSTALLMODE 96
- Property 96
- McAfee VirusScan Enterprise 100
- 8.8, Installation Guide 100
- Frequently asked questions 101
- 00000000.ie 102
- CATALOG.Z 103
- Access Protection tab 104
- Configuring predefined rules 105
- Option definitions 106
- Alerts tab 107
- Reports tab 108
- Blocking tab 109
- Display Options tab 112
- Actions tab 113
- Scan Items tab 117
- General tab 120
- Default = very low 121
- Messages tab 122
- Notes Scanner Settings tab 123
- Exclusions tab 126
- Task tab 134
- Password Options tab 135
- Processes tab 136
- Quarantine Policy tab 140
- Policy tab 141
- Manager tab 142
- Scan Locations tab 144
- Performance tab 146
- DefinitionOption 147
- ScriptScan tab 148
- User-Defined Detection tab 149
- Repositories tab 150
- Proxy settings tab 153
- Mirror task 154
- AutoUpdate task 155
- Schedule tab 156
- Advanced schedule options 160
- Global Scan Settings tab 161
- (continued) 164
© 2020, manymanuals.com. All rights reserved. | 0.291 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals