Chapter 4: Configuring RealSecure Desktop Protector

Connecting to ICEcap Manager

Introduction

RealSecure Desktop Protector interacts with ICEcap Manager management and reporting

 

console to provide enterprise-wide security monitoring and management. If ICEcap

 

Manager application has granted local control, you can use the ICEcap tab to manually

 

configure how Desktop Protector reports intrusion information to an ICEcap server.

Procedure

To configure the local Desktop Protector agent to report to ICEcap Manager and receive

 

updates from ICEcap Manager:

1. On the Main Menu, select Tools ÆEdit BlackICE Settings.

2. Select the ICEcap tab.

3. Is Enable local configuration editing selected? If yes, go to Step 4.

If no, you cannot change any settings from the local agent. Contact your ICEcap administrator.

4. Select Reporting enabled.

5. In the URL text box, enter the fully qualified URL of the ICEcap server in the format http://<ICEcap server name>:<HTTP event port number>. For example, if ICEcap Manager is on a server named ICECAP using event port 8082 (the default), enter http://ICECAP:8082. You can use the ICEcap server’s IP address or DNS name.

6. In the Account Name text box, enter ICEcap Manager account name to use when uploading data. Refer to your ICEcap Manager documentation for more information about account names. The default account name is iceman.

7. In the Password text box, enter the current ICEcap Manager event password. This is the password that Desktop Protector uses to authenticate itself when it reports events to the ICEcap server.

8. In the Group Name text box, specify ICEcap Manager group to which this Desktop Protector installation is assigned.

Note: This group must be created beforehand in ICEcap Manager and must have the correct configuration settings to report properly. See the RealSecure ICEcap Manager User Guide for more information about groups and group name precedence settings.

9. In the Proxy URL text box, enter the fully qualified URL for the proxy server, if any. If you are not using a proxy server, leave this field blank.

10. Click OK.

Testing your ICEcap To see if your local agent can communicate with the ICEcap server: connection

1.On the Main Menu, select Tools ÆEdit BlackICE Settings.

2.Select the ICEcap tab.

3.Click Test.

Desktop Protector sends a proactive heartbeat to the ICEcap server and ICEcap Manager updates the local agent’s settings.

4.One of four messages appears in the Last Status text box:

32

Page 39 Page 41
Page 40
Image 40
Internet Security Systems Desktop Protector, 3.5 manual Connecting to ICEcap Manager, Updates from ICEcap Manager
Page 39 Page 41

3.5, Desktop Protector specifications

Internet Security Systems Desktop Protector 3.5 is a robust cybersecurity solution designed to provide comprehensive protection for personal computers and workstations. As cyber threats continue to evolve, this software aims to protect users against malware, phishing, and other malicious attacks with its advanced feature set and technologies.

One of the main features of Desktop Protector 3.5 is its real-time scanning capability. It constantly monitors files and applications on the system for any signs of malicious activity. This proactive approach ensures that harmful software is detected and neutralized before it can execute, providing users with peace of mind as they navigate the internet or access sensitive information.

Another significant feature is the integrated firewall. This firewall effectively controls incoming and outgoing traffic, offering an additional layer of protection by blocking unauthorized access to the user's network. Users can configure the firewall settings to tailor their security level according to their specific needs, ensuring flexibility and adaptability.

Desktop Protector 3.5 also incorporates advanced heuristic analysis technology. Unlike traditional antivirus solutions that rely primarily on known malware signatures, heuristic analysis examines the behavior of files and applications. This allows the software to identify and block new or unknown threats based on their potential behavior, significantly enhancing its detection capabilities.

The software's user-friendly interface makes it accessible to users of all technical backgrounds. With straightforward navigation and intuitive controls, even those who are not tech-savvy can efficiently manage their security settings and monitor their system's health.

Moreover, Desktop Protector 3.5 offers automated updates, ensuring that the security software remains current with the latest threat definitions and security patches. This feature guarantees that users are always safeguarded against emerging threats without requiring manual intervention.

Another noteworthy characteristic is its low system impact; Desktop Protector 3.5 is designed to operate seamlessly in the background. Users can work, play, or browse the internet without experiencing noticeable lag or performance issues, making it an ideal security solution for both personal and professional environments.

With its combination of powerful features, advanced technologies, and user-centric design, Internet Security Systems Desktop Protector 3.5 stands out as a reliable choice for anyone seeking to enhance their cybersecurity posture in an increasingly digital world.
Top Page Image Contents