McAfee QUICKCLEAN 3.0 User's Guide Page 10
- Page / 140
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
• Block future downloads of the same file: Subsequently, if the file is found to be malicious, your
anti-malware protection must prevent future downloads of the same file or its variants.
• Identify and remediate affected hosts: Your security system must be able to identify the host which
executed the malware, and also detect the hosts to which it has spread. Then, it must provide an
option to quarantine the affected hosts until they are clean again.
The McAfee Advanced Threat Defense solution
A security solution that relies on a single method or process might not be adequate to provide
complete and reliable protection from malware attacks. You might need a multi-layered solution that
involves various techniques and products. The solution can include pattern matching, global
reputation, program emulation, static analysis, and dynamic analysis. All these layers must be
seamlessly integrated and provide you with a single point of control for easy configuration and
management. For example, pattern matching might not detect zero-day attacks. Similarly, static
analysis takes less time than dynamic analysis. However, malware can avoid static analysis by code
obfuscation. Malware can escape dynamic analysis too by delaying execution or take an alternate
execution path if the malware detects that it is being run in a sandbox environment. This is why a
reliable protection from malware requires a multi-level approach.
There are other industry-leading McAfee anti-malware products for the web, network, and endpoints.
However, McAfee recognizes that a robust anti-malware solution requires a multi-layered approach,
the result of which is McAfee Advanced Threat Defense.
The McAfee Advanced Threat Defense solution primarily consists of the McAfee Advanced Threat
Defense Appliance and the pre-installed software. The McAfee Advanced Threat Defense Appliance is
available in two models. The standard model is the ATD-3000. The high-end model is the ATD-6000.
McAfee Advanced Threat Defense integrates its native capabilities with other McAfee products to
provide you a multilayered defense mechanism against malware:
• Its preliminary detection mechanism consists of a local blacklist to quickly detect known malware.
• It integrates with McAfee
®
Global Threat Intelligence
™
(McAfee GTI) for cloud-lookups to detect
malware that has already been identified by organizations throughout the globe.
• It has the McAfee Gateway Anti-Malware Engine embedded within it for emulation capability.
1
Malware detection and McAfee
®
Advanced Threat Defense
The McAfee Advanced Threat Defense solution
10
McAfee Advanced Threat Defense 3.0.4 Product Guide
- Product Guide 1
- COPYRIGHT 2
- TRADEMARK ATTRIBUTIONS 2
- LICENSE INFORMATION 2
- License Agreement 2
- Contents 3
- 5 Creating analyzer VM 41 4
- 7 Analyzing malware 97 4
- Index 139 5
- About this guide 7
- Find product documentation 8
- Advanced 9
- Malware detection and McAfee 10
- Advanced Threat Defense 10
- Web Gateway 14
- Defense Appliance 17
- Warnings and cautions 19
- Usage restrictions 19
- Unpack the shipment 20
- Check your shipment 20
- Port numbers 24
- Handling the front bezel 27
- Connect the network cable 28
- Defense web application 31
- Viewing user profiles 34
- Add users 35
- Figure 4-3 Add users 36
- Edit Users 37
- Delete Users 38
- Troubleshooting 39
- Delete the analysis results 40
- Creating analyzer VM 41
- • Confirm — Enter cr@cker42 45
- Processor Configuration 47
- Network Type 49
- Select I/O Controller Types 49
- Figure 5-12 Select a disk 50
- Select Write 58
- • Password — Enter cr@cker42 65
- Figure 5-33 Run sigcheck.exe 67
- Figure 5-36 Run MergeIDE 68
- Figure 5-37 Warning message 68
- Figure 5-38 Activate Windows 69
- Figure 5-39 Settings option 70
- Managing VM profiles 74
- View VM profiles 75
- Create VM profiles 76
- Figure 5-51 Shut down the VM 78
- Figure 5-53 79
- Edit VM profiles 80
- Delete VM profiles 80
- View the VM creation log 81
- Defense for malware analysis 83
- Terminologies 84
- Managing analyzer profiles 87
- View analyzer profiles 88
- Create analyzer profiles 89
- Integration with McAfee ePO 91
- Analyzing malware 100
- View the analysis results 102
- Analysis Results section 108
- Analysis Environment section 108
- Operations details section 109
- Disassembly Results 110
- Dropped files report 110
- Logic Path Graph 111
- User API Log 116
- Malware analysis monitors 118
- File Counters 119
- Files analyzed by File Type 119
- Analyzer Profile Usage 120
- Top malware by file name 120
- VM Creation Status monitor 121
- System Information 122
- Threat Defense 123
- CLI syntax 124
- Log on to the CLI 125
- Meaning of "?" 125
- Appliance 125
- List of CLI commands 126
Related products and manuals for Networking McAfee QUICKCLEAN 3.0
(12 pages)© 2020, manymanuals.com. All rights reserved. | 1.384 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals