McAfee Training ePo Training

Session 2
Topics
1. DAT file updating
2. Monitoring rogue sensor
3. In policy catalog how to create policies?
4. Client task catalog
5. Automation
6. Is there any option to block websites?
7. How does user management works?
8. System tree
9. Dashboard
10. Reports( manageable )
---------------------------------------------------------------------------

1. DAT file updating

What are DAT files?
Virus definition or DAT files contain virus signatures and other information
that McAfee anti-virus products use to protect your computer against
existing and new potential threats. McAfee releases DAT files on a daily
basis. We also release new DAT files when any threat is assessed by McAfee
Labs to have a medium or higher risk. To ensure that your anti-virus
software can protect your system or network against the latest threats, you
must ensure you are using the most recent DAT files.
What McAfee products use DAT files?
The following McAfee products that use the AV Scanning Engine and DAT
files:
AntiSpyware Enterprise
Anti-Virus Scanning Engine
Email and Web Security Appliance Software
GroupShield for Exchange
LinuxShield
PortalShield
SaaS Endpoint Protection
Security for Lotus Domino
Security for Mac
Security Service for Exchange
Security for SharePoint
SuperDAT Manager
VirusScan Command Line Scanner
VirusScan Enterprise
VirusScan Enterprise for Linux
VirusScan Enterprise for Offline Virtual Images
VirusScan Enterprise for SAP
VirusScan for Mac
VirusScan for UNIX
Current content is compared with available content
New content is downloaded and temporarily stored on the disk
Once downloaded the new .DAT files are prepared (decompress)

 Old AVV*.DAT files are backed-up (overwriting any existing old files)
New files are swapped into place
Update event should be generated
Normal operation resumes

https://kc.mcafee.com/corporate/index?page=content&id=KB55986

2. Monitoring rogue sensor

Rogue System Detection provides real-time discovery of rogue systems,
through the use of a Rogue System Sensor that can be installed throughout
the network. The sensor listens to network broadcast messages and DHCP
responses to detect systems connected to the network. When a sensor
detects a system on the network, it sends a message to the ePO server, which
then checks whether the system has an active agent installed.
If the system is unknown to the ePO server, Rogue System Detection provides
information to ePolicy Orchestrator to allow you to take remediation steps,
or optionally, to automatically take action such as deploying an agent to the
detected system.

What is Rogue System?

LAB: Install Rouge sensor on Windows Server.

3. In policy catalog how to create policies?
What is Policy?

Policy Catalog Page

LAB: Creating a new policy

To create a new policy:

1.Click Menu on the navigation bar. Select Policy Catalog within the Policy section.
2.Select the Product and Category from the drop-down lists. All created policies for the selected
category appear in the details pane.
3.Click Actions - New Policy. The Create New Policy dialog appears.
4.Select the policy you want to duplicate from the Create a policy based on this existing policy
drop-down list. Type a name for the new policy and click OK. The Policy Settings wizard opens.
5.Edit the policy settings on each tab, as needed.
6.Click Save.

4. Client task catalog

LAB:

5. Automation

The automatic Response Process

LAB:

6. Is there any option to block websites?

Gain an extra measure of protection
Guard your employees and your organization against web-based malware
like adware, spyware, viruses, and phishing scams.
Deploy and manage with ease
Use McAfee ePolicy Orchestrator (ePO) software to deploy, manage, and
report on McAfee SiteAdvisor Enterprise solutions across your entire
organization.
Search without worry
Research on the web without unintentionally wandering into dangerous
territory. When you search with Google, Yahoo, MSN, AOL, Bing, or a
variety of other search engines, you get a safety rating next to each search
result.
Support multiple browsers and search engines
Use SiteAdvisor as a plug-in for Microsoft Internet Explorer, Mozilla Firefox,
or Google Chrome.
Browse safely with advanced warnings
Identify sites that are safe, and those that are not, with our color-coded
rating system.

Increase productivity
Prohibit access to undesirable websites by using SiteAdvisor Enterprise. You
can also customize SiteAdvisor Enterprise to permit access to whatever
risky sites you deem necessary.
Protect remote users
Strengthen your web security and ensure around-the-clock Internet
protection for remote employees. McAfee Web Filtering for Endpoint is an
add-on module to SiteAdvisor Enterprise that provides secured web access
for anyone using the Internet for work-related or personal business in or
out of network.

7. How does user management works?

Add new user

8. System tree
System Tree ePO uses the System Tree to organize, present and manage
all the ePO managed systems in your network. Via the System Tree,
administrators can logically group and create any hierarchical structure or
view of their managed network that they desire. Alternately, systems can
be synchronized from Active Directory, permitting the duplication of an
already created organizational structure in ePO. From the System Tree,
client tasks or policy management can be conducted at an individual
system, group or subgroup.

9. Dashboard

LAB:
10. Reports( manageable )

LAB:
New report Create :

Edit Existing Report: