McAfee QUICKCLEAN 3.0 User's Guide Page 15
- Page / 140
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
• It is an on-premises solution that has access to cloud-based GTI. In addition, you can integrate it
with other McAfee's security products.
• McAfee Advanced Threat Defense does not sniff or tap into your network traffic. It analyzes the
files submitted to it for malware. This means that you can place the McAfee Advanced Threat
Defense Appliance anywhere in your network as long as it is reachable to all the integrated McAfee
products. It is also possible for one McAfee Advanced Threat Defense Appliance to cater to all such
integrated products (assuming the number of files submitted is within the supported level). This
design can make it a cost-effective and scalable anti-malware solution.
• McAfee Advanced Threat Defense is not an inline device. It can receive files from IPS Sensors for
malware analysis. So, it is possible to deploy McAfee Advanced Threat Defense in such a way that
you obtain the advantages of an inline anti-malware solution but without the associated drawbacks.
• Android is currently one of the top targets for malware developers. With this integration, the
Android-based handheld devices on your network are also protected. You can dynamically analyze
the files downloaded by your Android devices such as smartphones and tablets.
• Files are concurrently analyzed by various engines. So, it is possible for known malware to be
blocked in almost real time.
• When McAfee Advanced Threat Defense dynamically analyzes a file, it selects the analyzer virtual
machine that uses the same operating system and other applications as that of the target host.
This is achieved through its integration with McAfee ePO or through passive device profiling feature
of Network Security Platform. This enables you to identify the exact impact on a targeted host, so
that you can take the required remedial measures. This also means that McAfee Advanced Threat
Defense executes the file only the required virtual machine, reserving its resources for other files.
• Consider a host downloaded a zero-day malware, but a Sensor that detected this file downloaded
submitted it to McAfee Advanced Threat Defense. After a dynamic analysis, McAfee Advanced
Threat Defense determines the file to be malicious. Based on how you have configured the
Advanced Malware policy, it is possible for the Manager to add this malware to the blacklist of all
the Sensors in your organization's network. This file also might be on the blacklist of McAfee
Advanced Threat Defense. Thus, the chances of the same file re-entering your network is reduced.
• Even the first time when a zero-day malware is downloaded, you can contain it by quarantining the
affected hosts until they are cleaned and remediated.
Malware detection and McAfee
®
Advanced Threat Defense
The McAfee Advanced Threat Defense solution
1
McAfee Advanced Threat Defense 3.0.4 Product Guide
15
- Product Guide 1
- COPYRIGHT 2
- TRADEMARK ATTRIBUTIONS 2
- LICENSE INFORMATION 2
- License Agreement 2
- Contents 3
- 5 Creating analyzer VM 41 4
- 7 Analyzing malware 97 4
- Index 139 5
- About this guide 7
- Find product documentation 8
- Advanced 9
- Malware detection and McAfee 10
- Advanced Threat Defense 10
- Web Gateway 14
- Defense Appliance 17
- Warnings and cautions 19
- Usage restrictions 19
- Unpack the shipment 20
- Check your shipment 20
- Port numbers 24
- Handling the front bezel 27
- Connect the network cable 28
- Defense web application 31
- Viewing user profiles 34
- Add users 35
- Figure 4-3 Add users 36
- Edit Users 37
- Delete Users 38
- Troubleshooting 39
- Delete the analysis results 40
- Creating analyzer VM 41
- • Confirm — Enter cr@cker42 45
- Processor Configuration 47
- Network Type 49
- Select I/O Controller Types 49
- Figure 5-12 Select a disk 50
- Select Write 58
- • Password — Enter cr@cker42 65
- Figure 5-33 Run sigcheck.exe 67
- Figure 5-36 Run MergeIDE 68
- Figure 5-37 Warning message 68
- Figure 5-38 Activate Windows 69
- Figure 5-39 Settings option 70
- Managing VM profiles 74
- View VM profiles 75
- Create VM profiles 76
- Figure 5-51 Shut down the VM 78
- Figure 5-53 79
- Edit VM profiles 80
- Delete VM profiles 80
- View the VM creation log 81
- Defense for malware analysis 83
- Terminologies 84
- Managing analyzer profiles 87
- View analyzer profiles 88
- Create analyzer profiles 89
- Integration with McAfee ePO 91
- Analyzing malware 100
- View the analysis results 102
- Analysis Results section 108
- Analysis Environment section 108
- Operations details section 109
- Disassembly Results 110
- Dropped files report 110
- Logic Path Graph 111
- User API Log 116
- Malware analysis monitors 118
- File Counters 119
- Files analyzed by File Type 119
- Analyzer Profile Usage 120
- Top malware by file name 120
- VM Creation Status monitor 121
- System Information 122
- Threat Defense 123
- CLI syntax 124
- Log on to the CLI 125
- Meaning of "?" 125
- Appliance 125
- List of CLI commands 126
Related products and manuals for Networking McAfee QUICKCLEAN 3.0
(12 pages)© 2020, manymanuals.com. All rights reserved. | 0.743 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals