search

McAfee QUICKCLEAN 1.0 User Manual Page 15

  • Download
  • Add to my manuals
  • Print
  • Page
    / 29
  • Table of contents
  • BOOKMARKS
    • Rated. / 5. Based on customer reviews
Page view 14
File-only information
File name, path, size, product, publisher, and prevalence
SHA and MD5 Hash information
Operating system version of the reporting computer
Maximum, minimum, and average reputation set for the file
Whether the reporting module is in Observation mode
Whether the file was allowed to run, was blocked, or cleaned
The product that detected the file, for example Advanced Threat Defense or VirusScan Enterprise
Certificate-only information
SHA Hash information
The name of the certificate's issuer and its subject
The date the certificate was valid, and its expiration date
Blocking or allowing files and certificates
Files and certificates have threat reputations based on content and properties. The Threat Intelligence
Exchange policies determine whether files and certificates are blocked or allowed on systems in your
environment based on reputation levels.
Three security levels are available depending on how you want to balance the rules for particular types
of systems. Each level is associated with specific rules that identify malicious and suspicious files and
certificates.
High change systems — These are systems that change frequently, often installing and uninstalling
programs and receiving frequent updates. Examples of these systems are computers used in
development environments. Fewer rules are used with policies that use this setting and users see
minimum blocking and prompting when new files are detected.
Typical systems — These are typical business systems where new programs and changes are installed
infrequently. More rules are used with policies that use this setting and users see more blocking
and prompting.
Low change systems — These are IT-managed systems with tight control and little change. Examples of
these are systems that access critical or sensitive information in a financial or government
environment. This setting is also used for servers. The maximum number of rules are used with
policies that use this setting and users see even more blocking and prompting.
To view the specific rules associated with each security level, click Menu | Server Settings. In the Setting
Categories list, click Threat Intelligence Exchange module for VSE.
When determining which security level to assign a policy, consider the type of system where the policy
is used, and how much blocking and prompting you want the user to encounter. After you create a
policy, assign it to one or more computers or devices to determine how much blocking and prompting
occurs. After the policy runs in your environment for a time, you might need to edit some of the
settings to fine-tune what is being allowed, blocked, and prompted.
Using Threat Intelligence Exchange
Blocking or allowing files and certificates
2
McAfee Threat Intelligence Exchange 1.0.0 Product Guide
15
Page view 14
1 2 ... 10 11 12 13 14 15 16 17 18 19 20 ... 28 29

Comments to this Manuals

No comments
Related products and manuals for Software licenses/upgrades McAfee QUICKCLEAN 1.0
Software licenses/upgrades McAfee MAP-3300-SWG - Web Security Appliance 3300 User Manual   (15 pages)
  • Allegro Multimedia Baaske Medical Arnold Company Music Hall Audio B&W electronics
  • Pioneer Headphones KALORIK Small kitchen appliances Lasko Household fans Lenovo Warranty & support extensions Schwinn Bicycles
  • Skyjacker DA602 Sony BDP-S6500 Sony KDL-42EX443 Sony MHC-GN77D
  • Aeg Voxtel D215 combo User Manual Draper Envoy Operations Instructions Dickson ES120 User Manual Samsung DVD-P171 User Manual Acer CB240HY User Manual