Chapter 4: Configuring RealSecure Desktop Protector

Ignoring Events

You can configure RealSecure Desktop Protector to ignore events that are not a threat to your system.

Note: Ignoring an event is different from trusting an intruder. Ignoring disregards certain kinds of events. When an event type is ignored, Desktop Protector does not log any information about events of that type. Trusting excludes an address from intrusion detection. Intrusions from that address are not shown on the Events tab.

Ignoring an existing To ignore an event type: event type

1.On the Events tab, right-click the event/intruder combination.

2.On the shortcut menu, select Ignore Event.

3.From the submenu, select one of the following:

This Event: The BlackICE intrusion detection component ignores all future instances of the event.

This Event by this Intruder: The BlackICE intrusion detection component ignores all future instances of this event by the referenced intruder.

4.Click Yes.

Desktop Protector adds the event to the list of ignored events on the Detection tab in the BlackICE Settings window.

Ignore an event When you know of a potential event but haven’t seen that type of event yet, and you want

type in advance Desktop Protector to allow the event, you can preemptively ignore the event type. For example, you may want to ignore future HTTP port scans from your Internet Service Provider. Follow these steps:

1.From the Main Menu, select ToolsÆEdit BlackICE Settings.

2.Select Intrusion Detection.

3.Click Add.

The Exclude from Reporting window appears.

4.Do one of the following:

To ignore future events of a specific type, go to Step 5.

To ignore future events from a specific intruder, go to Step 6.

5.Select All in the Addresses to Trust area, and then go to Step 8.

6.Type the IP address of the intruder in the IP box.

Use standard 000.000.000.000 notation.

If you are specifying a range of IP addresses, place a dash between them. For example, 192.168.10.23–192.168.10.32.

7.In the Attacks to Ignore area, clear the All check box.

The system enables the Name and ID boxes, and disables the Add Firewall Entry check box.

8.Select the event type in the Name box, or select the event number in the ID box.

9.Click Add.

40

Page 47 Page 49
Page 48
Image 48
Internet Security Systems Desktop Protector, 3.5 Ignoring Events, Ignoring an existing To ignore an event type event type
Page 47 Page 49

3.5, Desktop Protector specifications

Internet Security Systems Desktop Protector 3.5 is a robust cybersecurity solution designed to provide comprehensive protection for personal computers and workstations. As cyber threats continue to evolve, this software aims to protect users against malware, phishing, and other malicious attacks with its advanced feature set and technologies.

One of the main features of Desktop Protector 3.5 is its real-time scanning capability. It constantly monitors files and applications on the system for any signs of malicious activity. This proactive approach ensures that harmful software is detected and neutralized before it can execute, providing users with peace of mind as they navigate the internet or access sensitive information.

Another significant feature is the integrated firewall. This firewall effectively controls incoming and outgoing traffic, offering an additional layer of protection by blocking unauthorized access to the user's network. Users can configure the firewall settings to tailor their security level according to their specific needs, ensuring flexibility and adaptability.

Desktop Protector 3.5 also incorporates advanced heuristic analysis technology. Unlike traditional antivirus solutions that rely primarily on known malware signatures, heuristic analysis examines the behavior of files and applications. This allows the software to identify and block new or unknown threats based on their potential behavior, significantly enhancing its detection capabilities.

The software's user-friendly interface makes it accessible to users of all technical backgrounds. With straightforward navigation and intuitive controls, even those who are not tech-savvy can efficiently manage their security settings and monitor their system's health.

Moreover, Desktop Protector 3.5 offers automated updates, ensuring that the security software remains current with the latest threat definitions and security patches. This feature guarantees that users are always safeguarded against emerging threats without requiring manual intervention.

Another noteworthy characteristic is its low system impact; Desktop Protector 3.5 is designed to operate seamlessly in the background. Users can work, play, or browse the internet without experiencing noticeable lag or performance issues, making it an ideal security solution for both personal and professional environments.

With its combination of powerful features, advanced technologies, and user-centric design, Internet Security Systems Desktop Protector 3.5 stands out as a reliable choice for anyone seeking to enhance their cybersecurity posture in an increasingly digital world.
Top Page Image Contents