7General Policies

The General feature of Host Intrusion Prevention provides access to policies that are general in nature and not specific to one feature.

This section describes the General feature and includes the following topics:

„Overview

„Configuring Enforce Policies

„Configuring the Client UI policy

„Configuring the Trusted Networks policy

„Configuring the Trusted Applications policy

Overview

General policies apply to IPS and firewall settings and take precedence over settings in individual IPS and firewall policies.

The Enforce Policies policy is the basic on/off switch for enforcing Host Intrusion Prevention administrative policies on the client.

The Client UI policy determines which options are available to a client computer with a Host Intrusion Prevention client, including whether the client icon appears in the system tray, types of intrusion alerts, and passwords for access to the client interface.

The Trusted Networks policy lists IP addresses and subnets that are safe for communication. Trusted networks can include subnets, individual IP addresses, or ranges of IP addresses. Marking networks as trusted eliminates or reduces the need for IPS exceptions and additional firewall rules.

The Trusted Applications Rules policy lists applications that are safe, have no known vulnerabilities, and are allowed to perform any operation. Marking applications as trusted eliminates or reduces the need for IPS exceptions and additional firewall and application blocking rules. Like the IPS Rules policy (see Configuring the IPS Rules policy on page 41), this policy category can contain multiple policy instances.

Settings for Trusted Networks and Trusted Applications policies can reduce or eliminate false positives, which aids in tuning a deployment.

103

Page 103
Image 103
McAfee 6.1 manual General Policies, Overview