McAfee QUICKCLEAN 3.0 User's Guide Page 14
- Page / 140
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
• Integration with McAfee
®
Web Gateway — You can configure McAfee Advanced Threat Defense as
an additional engine for anti-malware protection. When your network user downloads a file, the
native McAfee Gateway Anti-malware Engine on McAfee
®
Web Gateway scans the file and
determines a malware score. Based on this score and the file type, McAfee
®
Web Gateway sends a
copy of the file to McAfee Advanced Threat Defense for deeper inspection and dynamic analysis. A
progress page informs your users that the requested file is being analyzed for malware. Based on
the malware severity level reported by McAfee Advanced Threat Defense, McAfee
®
Web Gateway
determines if the file is allowed or blocked. If it is blocked, the reasons are displayed for your
users. You can view the details of the malware that was detected in the log file.
Figure 1-4 Integration with McAfee
®
Web Gateway
This design ensures that only those files that require an in-depth analysis are sent to McAfee
Advanced Threat Defense. This balances your users' experience in terms of download speed and
security. For information on how to integrate McAfee Advanced Threat Defense and McAfee
®
Web
Gateway, see the McAfee
®
Web Gateway Product Guide, version 7.4.
• Integration with McAfee
®
ePolicy Orchestrator (McAfee ePO) — This integration enables McAfee
Advanced Threat Defense to retrieve information regarding the target host. Knowing the operating
system on the target host, enables it to select a similar virtual environment for dynamic analysis.
How the deployment options address the 4 major aspects of anti-malware process cycle:
• Detection of file download: As soon as a user accesses a file, the inline Network Security Platform
Sensor or McAfee
®
Web Gateway detects this and sends a copy of the file to McAfee Advanced
Threat Defense for analysis.
• Analysis of the file for malware: Even before the user fully downloads the file, McAfee Advanced
Threat Defense can detect a known malware using sources that are local to it or on the cloud.
• Block future downloads of the same file: Every time McAfee Advanced Threat Defense detects a
medium, high, or very high severity malware, it updates its local black list.
• Identify and remediate affected hosts: Integration with Network Security Platform enables you to
quarantine the host until it is cleaned up and remediated.
McAfee Advanced Threat Defense advantages
Here are some of the advantages that McAfee Advanced Threat Defense provides:
1
Malware detection and McAfee
®
Advanced Threat Defense
The McAfee Advanced Threat Defense solution
14
McAfee Advanced Threat Defense 3.0.4 Product Guide
- Product Guide 1
- COPYRIGHT 2
- TRADEMARK ATTRIBUTIONS 2
- LICENSE INFORMATION 2
- License Agreement 2
- Contents 3
- 5 Creating analyzer VM 41 4
- 7 Analyzing malware 97 4
- Index 139 5
- About this guide 7
- Find product documentation 8
- Advanced 9
- Malware detection and McAfee 10
- Advanced Threat Defense 10
- Web Gateway 14
- Defense Appliance 17
- Warnings and cautions 19
- Usage restrictions 19
- Unpack the shipment 20
- Check your shipment 20
- Port numbers 24
- Handling the front bezel 27
- Connect the network cable 28
- Defense web application 31
- Viewing user profiles 34
- Add users 35
- Figure 4-3 Add users 36
- Edit Users 37
- Delete Users 38
- Troubleshooting 39
- Delete the analysis results 40
- Creating analyzer VM 41
- • Confirm — Enter cr@cker42 45
- Processor Configuration 47
- Network Type 49
- Select I/O Controller Types 49
- Figure 5-12 Select a disk 50
- Select Write 58
- • Password — Enter cr@cker42 65
- Figure 5-33 Run sigcheck.exe 67
- Figure 5-36 Run MergeIDE 68
- Figure 5-37 Warning message 68
- Figure 5-38 Activate Windows 69
- Figure 5-39 Settings option 70
- Managing VM profiles 74
- View VM profiles 75
- Create VM profiles 76
- Figure 5-51 Shut down the VM 78
- Figure 5-53 79
- Edit VM profiles 80
- Delete VM profiles 80
- View the VM creation log 81
- Defense for malware analysis 83
- Terminologies 84
- Managing analyzer profiles 87
- View analyzer profiles 88
- Create analyzer profiles 89
- Integration with McAfee ePO 91
- Analyzing malware 100
- View the analysis results 102
- Analysis Results section 108
- Analysis Environment section 108
- Operations details section 109
- Disassembly Results 110
- Dropped files report 110
- Logic Path Graph 111
- User API Log 116
- Malware analysis monitors 118
- File Counters 119
- Files analyzed by File Type 119
- Analyzer Profile Usage 120
- Top malware by file name 120
- VM Creation Status monitor 121
- System Information 122
- Threat Defense 123
- CLI syntax 124
- Log on to the CLI 125
- Meaning of "?" 125
- Appliance 125
- List of CLI commands 126
Related products and manuals for Networking McAfee QUICKCLEAN 3.0
(12 pages)© 2020, manymanuals.com. All rights reserved. | 0.765 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals