Settings for
|
Select
Workstation or
Server from the drop-down list.
Note: This option is only available via
ePolicy Orchestrator.
|
Access protection
settings
|
- Enable access
protection — Enables the access protection feature.
- Prevent McAfee services
from being stopped— Prevent users without debug privileges from
terminating
McAfee processes.
Users with debug program privileges can still stop
McAfee processes even though you select this option.
Administrators have debug program privileges by
default for Windows XP and Windows 2003 operating systems. Remove these
privileges from the user’s permissions so that they cannot stop
McAfee processes.
CAUTION: Failure to enable access protection
and prevent
McAfee services from
being stopped leaves your system unprotected from numerous malware attacks.
|
Access protection
rules
|
Categories — Select a category
to display the rules for that category. Rules are organized into these
categories:
- Anti-virus Standard
Protection
- Anti-virus Maximum
Protection
- Anti-virus Outbreak Control
- Common Standard Protection
CAUTION: Failure to configure Common
Standard Protection, and enable
Block and
Report, for the following
rules leaves your system unprotected from numerous malware attacks:
- Prevent modification of
McAfee
files and settings.
- Prevent modification of
McAfee Common
Management Agent files and settings.
- Prevent modification of
McAfee Scan
Engine files and settings.
- Prevent termination of
McAfee
processes.
- Common Maximum Protection
- Virtual Machine Protection
- User-defined Rules
- Anti-spyware Standard Protection
- Anti-spyware Maximum Protection
See
How access protection rules are defined for more
information.
|
|
Block/Report/Rules — Configure
the rules:
-
Block
— Blocks the process that is specified
in the
Rule Details. Select
Block to enable the rule or
deselect it to disable the rule.
Note:
To block access attempts without logging, select
Block but do not select
Report.
-
Report — Enables reporting
of attempts to violate access protection. When a detection occurs, information
is recorded in the activity log.
Note:
To receive a warning without blocking access
attempts, select
Report, but do not
select
Block. This is useful
when the full impact of a rule is not known. Monitor the logs and/or reports
for a short while to determine whether to block access.
-
Rules — Use the rules to
protect your computer from unwanted changes. Rules are organized by category.
First select the category, then select the rule. See
Configuring anti-virus and common rules and
Configuring user-defined rules
for more information.
New — Create a new
user-defined rule. See
Configuring user-defined rules for more
information.
Edit — Change an existing
rule.
Delete — Remove an existing
user-defined rule.
Note:
You can only delete user-defined rules. Other
rules can be edited or disabled, but not deleted. To disable a rule, deselect
both the
Block and
Report options.
|