search

McAfee QUICKCLEAN 1.0 User Manual Page 20

  • Download
  • Add to my manuals
  • Print
  • Page
    / 29
  • Table of contents
  • BOOKMARKS
    • Rated. / 5. Based on customer reviews
Page view 19
Task
For option definitions, click ? in the interface.
1
Click Menu | Systems | TIE Reputations.
2
Click the File Search tab.
3
Enter a specific file name, or search for files by name or by file type, such as .dll or .exe. You can
also use wildcard search characters * or ? when searching.
4
Select the file that you want to see.
5
From the Actions menu, click Where Has File Run.
Systems that have run the file are listed, including the system name, IP address, and the first date the
file ran on that system.
Monitoring events
The TIE module for VSE Events page shows recent Threat Intelligence Exchange events and security
threats, and the actions taken.
Viewing recent events
Viewing recent events allows you to see threat information about your systems.
You can view enforced or observed events:
Enforcement Events — Events that occur as a result of an enforced Threat Intelligence Exchange policy.
Observation Events — Events that occur if the policy is enforced. It allows you to view, evaluate, and
adjust policy and configuration settings before enforcing them. You can see which files or
certificates are causing events, and change their reputation settings so they no longer generate an
event.
You can view threat events in several ways and drill down for more information:
Past 30 days — Event summary information for the past 30 days.
Top 10 — The top 10 events by system, file, or certificate.
Certificate — The certificate name, its SHA1 value, and the number of certificates that were cleaned,
blocked, or prompted.
File Hash — The file name and SHA1 value, and the number of files that were cleaned, blocked, or
prompted.
Rule — The rule name, events where the rule was applied, and the number of rules that were cleaned,
blocked, or prompted.
System — The system name, total events for that system, and the number of events that were cleaned,
blocked, or prompted on a particular system.
2
Using Threat Intelligence Exchange
Monitoring events
20
McAfee Threat Intelligence Exchange 1.0.0 Product Guide
Page view 19
1 2 ... 15 16 17 18 19 20 21 22 23 24 25 ... 28 29

Comments to this Manuals

No comments
Related products and manuals for Software licenses/upgrades McAfee QUICKCLEAN 1.0
Software licenses/upgrades McAfee MAP-3300-SWG - Web Security Appliance 3300 User Manual   (15 pages)
  • Black Horse Model Kosmos Flying Mole Dedicated Micros American Telecom
  • Clickfree Unknown Lopi Stoves Acer TVs & monitors American DJ Power extensions AllerAir Unknown
  • HoMedics TI-150 Biostar G31-M7G DVI Peerless IBA2-W LG 47LS5700 Asus (TF103C)
  • Bowers-wilkins CDM 2 User Manual Electrolux EGG6342NOX User Manual Memorex MMP3774 User Manual Sony STR-GX59ES User Manual Acer Aspire ES1-732 User Manual