McAfee® Host Intrusion Prevention 6.1 Product Guide

Glossary

policy enforcement interval

The time period during which the agent enforces the settings it has received from the ePolicy Orchestrator server. Because these settings are enforced locally, this interval does not require any bandwidth.

policy files

Set of policy settings for one or more products that are saved to the local drive of the ePolicy Orchestrator server, but cannot be accessed by a remote console.

See also policy templates.

policy pages

Part of the ePolicy Orchestrator console; they allow you to set policies and create scheduled tasks for products, and are stored on individual ePolicy Orchestrator servers (they are not added to the master repository).

port scanning

A hacking technique used to check TCP/IP ports to reveal which services are available in order to plan an exploit involving those services, and to determine the operating system of a particular computer.

product deployment client task

A scheduled task for deploying all products currently checked into the master repository at once. It enables you to schedule product installation and removal during off-peak hours or during the policy enforcement interval.

profile

A grouping of policies based on common use of applications, network location, or access rights and privileges.

properties

Data exchanged during agent-to-server communication that includes information about each managed computer (for example, hardware and software) and its managed products (for example, specific policy settings and the product version number).

pull

The act of copying files from a source or fallback repository to the master repository. Because additional files can be added to the master repository manually, only those files on the source or fallback repository are overwritten.

quarantine mode

Enforced isolation of a computer until action can be taken to update protection policies.

reaction

The response by a client when intercepting a signature. Three possible reactions can occur: Ignore (ignores the operation), Log (logs the operation in the database as an intrusion), and Prevent (prevents the specific

illegal operation from taking place and logs it).

remote console

See ePolicy Orchestrator remote console.

Repository

The location that stores policy pages used to manage products.

selective updating

The ability to specify which version of updates you want client computers to retrieve from distributed software repositories.

See also branch.

server tasks

Tasks that can be executed on the server-side of the software.

193

Page 193
Image 193
McAfee 6.1 manual 193, Policy enforcement interval