Settings for
|
Select
Workstation or
Server from the drop-down list.
Note: This option is only available via
ePolicy Orchestrator.
|
Access protection
settings
|
- Enable access
protection — Enables the access protection feature.
- Prevent McAfee services
from being stopped— Prevent users without debug privileges from
terminating
McAfee processes.
Users with debug program privileges can still stop
McAfee processes even though you select this option.
Administrators have debug program privileges by
default for Windows XP and Windows 2003 operating systems. Remove these
privileges from the user’s permissions so that they cannot stop
McAfee processes.
CAUTION: Failure to enable access protection and
prevent
McAfee services from
being stopped leaves your system unprotected from numerous malware attacks.
|
Access protection
rules
|
Categories — Select a category to
display the rules for that category. Rules are organized into these categories:
- Anti-virus Standard
Protection
- Anti-virus Maximum
Protection
- Anti-virus Outbreak Control
- Common Standard Protection
CAUTION: Failure to configure Common Standard
Protection, and enable
Block and
Report, for the following rules
leaves your system unprotected from numerous malware attacks:
- Prevent
modification of
McAfee
files and settings.
- Prevent
modification of
McAfee Common
Management Agent files and settings.
- Prevent
modification of
McAfee Scan
Engine files and settings.
- Prevent
termination of
McAfee
processes.
- Common Maximum Protection
- Virtual Machine
Protection
- User-defined Rules
- Anti-spyware Standard
Protection
- Anti-spyware Maximum
Protection
See
How access protection rules are defined for more
information.
|
|
Block/Report/Rules — Configure the
rules:
-
Block
— Blocks the process that is specified in
the
Rule Details. Select
Block to enable the rule or
deselect it to disable the rule.
Note:
To block access attempts without logging, select
Block but do not select
Report.
-
Report — Enables reporting of
attempts to violate access protection. When a detection occurs, information is
recorded in the activity log.
Note:
To receive a warning without blocking access
attempts, select
Report, but do not select
Block. This is useful when
the full impact of a rule is not known. Monitor the logs and reports for a
short while to determine whether to block access.
-
Rules — Use the rules to
protect your computer from unwanted changes. Rules are organized by category.
First select the category, then select the rule. See
Configuring predefined rules and
Configuring user-defined rules
for more information.
New — Create a new user-defined
rule. See
Configuring user-defined rules for more
information.
Edit — Change an existing rule.
Delete — Remove an existing
user-defined rule.
Note:
You can only delete user-defined rules. Other
rules can be edited or disabled, but not deleted. To disable a rule, deselect
both the
Block and
Report options.
|