McAfee® Host Intrusion Prevention 6.1 Product Guide

General Policies

 

Configuring the Client UI policy

7

Disconnected User

This is a user, perhaps with a laptop, who is disconnected from the Host Intrusion Prevention server for a period of time. The user might have technical problems with Host Intrusion Prevention or need to perform operations without interaction with it. The Client UI policy enables this user to obtain a computer-specific, time-based password to perform administrative tasks, or to turn on or off protection features.

Administrator User

This is an IT administrator for all computers who needs to perform special operations on a client computer, overriding any administrator-mandated policies. The Client UI policy enables this user to obtain a non-expiring administrator password to perform administrative tasks.

Administrative tasks for both disconnected and administrator users include:

„Enabling or disabling IPS, Firewall, and Application Blocking Options policies.

„Creating additional IPS, Firewall, and Application Blocking rules if certain legitimate activity is blocked.

Administrative policy changes made from the ePolicy Orchestrator console will be enforced only after the password expires. Client rules created during this time are retained if allowed by administrative rules.

Creating and applying a Client UI policy

If the default Client UI policy does not have the settings you want, create a new policy and select the appropriate options. You can then apply the policy to one or a group of computers.

To configure a Client UI policy:

1In the console tree, select the group or computer where you want to apply the new policy.

2Expand the General feature and click Edit in the Client UI line. The policy name list becomes active.

3Select New Policy.

The Create New Policy dialog box appears.

Create a new, duplicate policy when viewing the details of a preset policy by clicking Duplicate at the bottom of the policy dialog box. Type the name of the new policy and

indicate whether to assign the policy immediately to the current node.

4Select the policy to duplicate, type the name of the new policy, and click OK.

The Client UI dialog box appears.

106

Page 106
Image 106
McAfee 6.1 manual Creating and applying a Client UI policy, Disconnected User, Administrator User