Evaluator Guide
Page 5
... code to identify, proactively block, and safely eliminate potentially unwanted programs (PUPs) for email server protection. Integrated into McAfee solutions, SiteAdvisor Enterprise technology adds web security to surf and search the web safely as they enter and leave your comprehensive protection, guiding and shielding users from known and unknown attacks. Endpoint protection Total Protection for Endpoint provides these products for optimal business availability. As a framework, the McAfee Agent enables point-products to deploy, configure, and manage...
... code to identify, proactively block, and safely eliminate potentially unwanted programs (PUPs) for email server protection. Integrated into McAfee solutions, SiteAdvisor Enterprise technology adds web security to surf and search the web safely as they enter and leave your comprehensive protection, guiding and shielding users from known and unknown attacks. Endpoint protection Total Protection for Endpoint provides these products for optimal business availability. As a framework, the McAfee Agent enables point-products to deploy, configure, and manage...
Evaluator Guide
Page 7
..., select Internet Options. Monitor - 1024x768, 256-color, VGA monitor. McAfee Total Protection for Endpoint software, verify that each component meets the minimum system requirements that are listed below: • Server • Database Server requirements Free disk space - 1 GB minimum (first-time installation); 2 GB recommended. Intel Pentium III-class or higher; 1 GHz or higher. File system - System requirements Before setting up McAfee Total Protection for Endpoint Lab Evaluation Guide 7 NOTE: If using static IP addresses for ePO servers. McAfee recommends using a server...
..., select Internet Options. Monitor - 1024x768, 256-color, VGA monitor. McAfee Total Protection for Endpoint software, verify that each component meets the minimum system requirements that are listed below: • Server • Database Server requirements Free disk space - 1 GB minimum (first-time installation); 2 GB recommended. Intel Pentium III-class or higher; 1 GHz or higher. File system - System requirements Before setting up McAfee Total Protection for Endpoint Lab Evaluation Guide 7 NOTE: If using static IP addresses for ePO servers. McAfee recommends using a server...
Evaluator Guide
Page 8
... to be installed. For instructions, see the Microsoft product documentation. NOTE: Ensure that the VSE Access Protection rules are not already in response to use of your LAN, then select Bypass proxy server for local addresses. 4 Click OK as needed to close Internet Options. Domain controllers - Supported virtual infrastructure software • VMware ESX 3.5.x • Microsoft Virtual Server 2005 R2 with Service Pack 1 • Windows Server 2008 Hyper-V Database requirements A database must...
... to be installed. For instructions, see the Microsoft product documentation. NOTE: Ensure that the VSE Access Protection rules are not already in response to use of your LAN, then select Bypass proxy server for local addresses. 4 Click OK as needed to close Internet Options. Domain controllers - Supported virtual infrastructure software • VMware ESX 3.5.x • Microsoft Virtual Server 2005 R2 with Service Pack 1 • Windows Server 2008 Hyper-V Database requirements A database must...
Evaluator Guide
Page 9
... The following installation scenarios: • Maintenance settings - If the database is to ePO databases. If using SQL Server 2005 Express. You must acquire and install if using SQL Server, a SQL Server license is required for each processor on the remote servers. McAfee recommends making specific maintenance settings to be installed on a different server from the ePolicy Orchestrator, manual installation is required on the computer where SQL Server is installed. If not previously installed, the installation wizard installs automatically. McAfee Total Protection for information...
... The following installation scenarios: • Maintenance settings - If the database is to ePO databases. If using SQL Server 2005 Express. You must acquire and install if using SQL Server, a SQL Server license is required for each processor on the remote servers. McAfee recommends making specific maintenance settings to be installed on a different server from the ePolicy Orchestrator, manual installation is required on the computer where SQL Server is installed. If not previously installed, the installation wizard installs automatically. McAfee Total Protection for information...
Evaluator Guide
Page 10
... 10 McAfee Total Protection for Endpoint Lab Evaluation Guide MSI 3.1 The installation fails if using a language that is a list of MSI previous to follow Microsoft's required upgrade scenarios. If you are upgrading from MSDE 2000 or SQL 2000, be installed automatically at user's selection. When the software is installed on an operating system using a version of languages into which the ePolicy Orchestrator has been translated. Microsoft updates Update the ePolicy Orchestrator server...
... 10 McAfee Total Protection for Endpoint Lab Evaluation Guide MSI 3.1 The installation fails if using a language that is a list of MSI previous to follow Microsoft's required upgrade scenarios. If you are upgrading from MSDE 2000 or SQL 2000, be installed automatically at user's selection. When the software is installed on an operating system using a version of languages into which the ePolicy Orchestrator has been translated. Microsoft updates Update the ePolicy Orchestrator server...
Evaluator Guide
Page 11
... go. The Type License Key page appears. 4 Select Evaluation, then click Next. The Set Administrator Information page appears. 8 Type the username and password to use the same credentials later, to log on your ePO server or your intended management server. 2 Double-click Setup.exe. The Set Database Information page appears. 11 Identify the type of McAfee Total Protection for Endpoint software to install Microsoft SQL 2005 Express. The Start Copying Files page appears. The McAfee Total Protection for Endpoint suite installer will use for the ePolicy...
... go. The Type License Key page appears. 4 Select Evaluation, then click Next. The Set Administrator Information page appears. 8 Type the username and password to use the same credentials later, to log on your ePO server or your intended management server. 2 Double-click Setup.exe. The Set Database Information page appears. 11 Identify the type of McAfee Total Protection for Endpoint software to install Microsoft SQL 2005 Express. The Start Copying Files page appears. The McAfee Total Protection for Endpoint suite installer will use for the ePolicy...
Evaluator Guide
Page 13
...: Passwords are case-sensitive. 3 Select the Language you want the software to ePolicy Orchestrator dialog box appears. Logging on to ePolicy Orchestrator Use this . You must have valid credentials to do this task to log on to the URL of a valid account, created in Step 7 under the "Setting up McAfee Total Protection for Endpoint Lab Evaluation Guide 13 The Log On to display. 4 Click Log On. McAfee Total Protection for Endpoint suite...
...: Passwords are case-sensitive. 3 Select the Language you want the software to ePolicy Orchestrator dialog box appears. Logging on to ePolicy Orchestrator Use this . You must have valid credentials to do this task to log on to the URL of a valid account, created in Step 7 under the "Setting up McAfee Total Protection for Endpoint Lab Evaluation Guide 13 The Log On to display. 4 Click Log On. McAfee Total Protection for Endpoint suite...
Evaluator Guide
Page 14
... created for you automatically during installation, the Total Protection for Endpoint client software was added to between 9:00am and 11:00pm. 14 McAfee Total Protection for updates. • Schedule the task to run Daily, with No End Date. • Set Schedule to your selections during installation. NOTE: Checking this task to create a repository pull task that adds and updates the client software. 1 Click Menu | Automation | Server Tasks. 2 In the list, find the task named Update...
... created for you automatically during installation, the Total Protection for Endpoint client software was added to between 9:00am and 11:00pm. 14 McAfee Total Protection for updates. • Schedule the task to run Daily, with No End Date. • Set Schedule to your selections during installation. NOTE: Checking this task to create a repository pull task that adds and updates the client software. 1 Click Menu | Automation | Server Tasks. 2 In the list, find the task named Update...
Evaluator Guide
Page 16
... New Subgroup, type Servers, and click OK. 5 Repeat Step 4, but type Workstations for the group name. Adding systems to your System Tree groups Use this task to manually add a few test systems to your System Tree. There are created and administered by creating your network, you return to the Group page, highlight Test Group. Before you start managing endpoint policies for client systems on IP ranges or subnets. This is disabled. 16 McAfee Total Protection...
... New Subgroup, type Servers, and click OK. 5 Repeat Step 4, but type Workstations for the group name. Adding systems to your System Tree groups Use this task to manually add a few test systems to your System Tree. There are created and administered by creating your network, you return to the Group page, highlight Test Group. Before you start managing endpoint policies for client systems on IP ranges or subnets. This is disabled. 16 McAfee Total Protection...
Evaluator Guide
Page 17
... you to create a sorting rule based on the default tags. 1 Click Menu | Systems | System Tree, then click Group Details on working with additional options. 5 Click Add Tag. 6 From the drop-down menu, select Server, click the plus sign (+), then select Workstation. 7 Click Save. 8 In the System Tree, highlight My Organization. 9 In the Sorting Order list, find the entry for Endpoint Lab Evaluation Guide 17 Now...
... you to create a sorting rule based on the default tags. 1 Click Menu | Systems | System Tree, then click Group Details on working with additional options. 5 Click Add Tag. 6 From the drop-down menu, select Server, click the plus sign (+), then select Workstation. 7 Click Save. 8 In the System Tree, highlight My Organization. 9 In the Sorting Order list, find the entry for Endpoint Lab Evaluation Guide 17 Now...
Evaluator Guide
Page 18
... Name, type Remote Log Access, then click OK. 5 On the line that run on client systems, such as the McAfee Agent and VirusScan Enterprise. Use the following task to create a policy that enables remote access to view the local Agent Status Monitor on the role or function of 24. Another reason to change the Agent to Server Connection Interval option to log. 7 Click Save. 18 McAfee Total Protection for Endpoint products that lists your new policy, click Edit Settings. 6 Click the Logging tab and select Enable remote access to...
... Name, type Remote Log Access, then click OK. 5 On the line that run on client systems, such as the McAfee Agent and VirusScan Enterprise. Use the following task to create a policy that enables remote access to view the local Agent Status Monitor on the role or function of 24. Another reason to change the Agent to Server Connection Interval option to log. 7 Click Save. 18 McAfee Total Protection for Endpoint products that lists your new policy, click Edit Settings. 6 Click the Logging tab and select Enable remote access to...
Evaluator Guide
Page 19
Creating file exclusions on a server NOTE: In the above examples, you created your new Lock VSE Console policy, click Edit Settings. 7 On the menu bar, click Password Options. 8 Make sure the Settings for option is designed to prevent users from making changes to create a VirusScan policy that excludes two hypothetical database files on a server. McAfee Total Protection for each system remotely. The first is set to a specific group upon creation. Creating these types of scanning exclusions is the same; The result is a typical practice on...
Creating file exclusions on a server NOTE: In the above examples, you created your new Lock VSE Console policy, click Edit Settings. 7 On the menu bar, click Password Options. 8 Make sure the Settings for option is designed to prevent users from making changes to create a VirusScan policy that excludes two hypothetical database files on a server. McAfee Total Protection for each system remotely. The first is set to a specific group upon creation. Creating these types of scanning exclusions is the same; The result is a typical practice on...
Evaluator Guide
Page 20
... opens the policy editor. 8 From the Settings for Endpoints 7 In the Create a new policy dialog box, type Database AV Exclusions, then click OK. There will prevent events from sending email. Click Add again, and type data.ldf as in this example. Only the file name is set to Server. 8 For Categories under Access protection rules, select Anti-virus Standard Protection. 9 Deselect the Block option for an editable list of additional processes using Port 25 By default VirusScan Enterprise...
... opens the policy editor. 8 From the Settings for Endpoints 7 In the Create a new policy dialog box, type Database AV Exclusions, then click OK. There will prevent events from sending email. Click Add again, and type data.ldf as in this example. Only the file name is set to Server. 8 For Categories under Access protection rules, select Anti-virus Standard Protection. 9 Deselect the Block option for an editable list of additional processes using Port 25 By default VirusScan Enterprise...
Evaluator Guide
Page 21
.... McAfee Total Protection for the AntiSpyware Enterprise module When the AntiSpyware module is installed, it once again cleans PUPs. Setting Policies for Endpoints 6 On the line that lists your new Allow Outbound Email policy, click Edit Settings. 7 Make sure the Settings for option is set to Server. 8 For Categories under Access protection rules, select Anti-virus Standard Protection. 9 Select Prevent mass mailing worms from sending email, then click Edit. 10 Under Processes to check for PUPs in "audit mode...
.... McAfee Total Protection for the AntiSpyware Enterprise module When the AntiSpyware module is installed, it once again cleans PUPs. Setting Policies for Endpoints 6 On the line that lists your new Allow Outbound Email policy, click Edit Settings. 7 Make sure the Settings for option is set to Server. 8 For Categories under Access protection rules, select Anti-virus Standard Protection. 9 Select Prevent mass mailing worms from sending email, then click Edit. 10 Under Processes to check for PUPs in "audit mode...
Evaluator Guide
Page 24
... and application blocking policies are disabled. This is not already handled by going to Menu | Reporting | Host IPS in Adaptive mode, compared to policies. You will see which rules the Host Intrusion Prevention clients have added, and promote rules to existing default firewall policies. McAfee makes it easy to the White Paper Adopting McAfee Host Intrusion Prevention: Best practices for quick success, available through your protected computers. Use this policy as a starting point...
... and application blocking policies are disabled. This is not already handled by going to Menu | Reporting | Host IPS in Adaptive mode, compared to policies. You will see which rules the Host Intrusion Prevention clients have added, and promote rules to existing default firewall policies. McAfee makes it easy to the White Paper Adopting McAfee Host Intrusion Prevention: Best practices for quick success, available through your protected computers. Use this policy as a starting point...
Evaluator Guide
Page 26
... To create a new rule for the category, click Create New under Content Scanner Rules. 26 McAfee Total Protection for Endpoint Lab Evaluation Guide If you for Information. Setting Policies for Email Servers McAfee provides protection for your browser security is using Internet Explorer 7.0 and your Microsoft Exchange and Lotus Domino servers. It protects against every email message, then computes an overall spam score. Protects your Microsoft Exchange server. • McAfee Security for Microsoft Exchange - Start with an...
... To create a new rule for the category, click Create New under Content Scanner Rules. 26 McAfee Total Protection for Endpoint Lab Evaluation Guide If you for Information. Setting Policies for Email Servers McAfee provides protection for your browser security is using Internet Explorer 7.0 and your Microsoft Exchange and Lotus Domino servers. It protects against every email message, then computes an overall spam score. Protects your Microsoft Exchange server. • McAfee Security for Microsoft Exchange - Start with an...
Evaluator Guide
Page 28
... the administrator. 28 McAfee Total Protection for Endpoint Lab Evaluation Guide Use this task to create a policy that requires any email with the words "Company Confidential" in a document attachment have set Randomization to your email servers. NOTE: Actually, you may not have the message replaced with the default anti-spam policies and fine tune the thresholds as they are defined. The examples are not applied to any client computers. Setting Policies for Email Servers Configuring anti...
... the administrator. 28 McAfee Total Protection for Endpoint Lab Evaluation Guide Use this task to create a policy that requires any email with the words "Company Confidential" in a document attachment have set Randomization to your email servers. NOTE: Actually, you may not have the message replaced with the default anti-spam policies and fine tune the thresholds as they are defined. The examples are not applied to any client computers. Setting Policies for Email Servers Configuring anti...
Evaluator Guide
Page 29
... Add rule. 26 From the Select rules group drop-down menu, select Replace item with an alert. In the Name column, click Content Scanning. 22 Select the View Settings tab. NOTE: If you are using a scripted window to continue. 10 For Name, type Content, then click OK. 11 To create a new rule for Lotus Domino 7.5.x.x. 3 From the Category drop-down menu, select Content Scanning. 23 Under Options, select Include document and database formats in content scanning and Scan the text of...
... Add rule. 26 From the Select rules group drop-down menu, select Replace item with an alert. In the Name column, click Content Scanning. 22 Select the View Settings tab. NOTE: If you are using a scripted window to continue. 10 For Name, type Content, then click OK. 11 To create a new rule for Lotus Domino 7.5.x.x. 3 From the Category drop-down menu, select Content Scanning. 23 Under Options, select Include document and database formats in content scanning and Scan the text of...
Evaluator Guide
Page 30
...bar. 30 McAfee Total Protection for Endpoint Lab Evaluation Guide From the Selection drop-down menu, select Anti-Phishing. 8 For the Actions to be deleted. 1 Click Menu | Policy | Policy Catalog. 2 From the Product drop-down menu, select McAfee Security for Lotus Domino 7.5.x.x. 3 From the Category drop-down menu, select Delete Message. Setting Policies for Email Servers Configuring anti-spam scanner policies Use this task to configure a policy that requires any phish email message. 1 Click Menu | Policy | Policy Catalog. 2 From the Product drop-down menu, select McAfee Security for...
...bar. 30 McAfee Total Protection for Endpoint Lab Evaluation Guide From the Selection drop-down menu, select Anti-Phishing. 8 For the Actions to be deleted. 1 Click Menu | Policy | Policy Catalog. 2 From the Product drop-down menu, select McAfee Security for Lotus Domino 7.5.x.x. 3 From the Category drop-down menu, select Delete Message. Setting Policies for Email Servers Configuring anti-spam scanner policies Use this task to configure a policy that requires any phish email message. 1 Click Menu | Policy | Policy Catalog. 2 From the Product drop-down menu, select McAfee Security for...
Evaluator Guide
Page 36
... this point, the software installation client tasks have clean, newly installed operating systems, you to force clients to make any actual exclusions. 1 Click Menu | Systems | System Tree, then click Assigned Policies on the menu bar. 2 From the Product drop-down menu, select VirusScan Enterprise 8.7.0. 36 McAfee Total Protection for the "detection names" as provided in previous tasks are listed, the agent on how many products you created in ePO reports and local client log files...
... this point, the software installation client tasks have clean, newly installed operating systems, you to force clients to make any actual exclusions. 1 Click Menu | Systems | System Tree, then click Assigned Policies on the menu bar. 2 From the Product drop-down menu, select VirusScan Enterprise 8.7.0. 36 McAfee Total Protection for the "detection names" as provided in previous tasks are listed, the agent on how many products you created in ePO reports and local client log files...