McAfee VirusScan & EPolicy Orchestrator Administration .

Transcription

Course DescriptionMcAfee VirusScanand ePolicy OrchestratorAdministration CourseIntel Security Education Services Administration Course TrainingThe McAfee VirusScan and ePolicy Orchestrator Administration course fromMcAfee Education Services enables attendees to receive in-depth trainingon the benefits of the centralized management and deployment of McAfeeproducts. Enabling administrators to fully understand the capabilities of theirsecurity solution, not only reduces the risks of misconfiguration, but alsoensures that an organization gets the maximum protection from installation.Course Goals Plan the deployment.Install and configure ePolicyOrchestrator software.Agenda At A GlanceDay 1Welcome Security Connected and ePOOverviewSet up the ePolicy Orchestratorserver. Planning a McAfee ePO DeploymentManage users and resources Installing McAfee ePOManage network security,policies, and databases.Monitor and report on networksecurity status.Install and us McAfee Agent. Audience System and network Systemand network administrators,security personnel,auditors, and/or consultantsconcerned with network andsystem security should takethis courseshould take thiscourse.Managing Permission Sets andUsers Creating the System Tree Using the Tag CatalogImplement VirusScan Enterprisetechnologies.Register Now for Training

Course DescriptionAgenda At A Glance ContinuedDay 2Sorting the System Tree McAfee Agent System Information Client Tasks Managing Policies Deploying Software for ManagedSystemsDay 3Repositories Product Maintenance withRepositories Managing Dashboards and Monitors Working with Queries and Reports Automatic Responses andNotificationsDay 4Database Maintenance and ServerUtilities Disaster Recovery VirusScan Enterprise Overview VirusScan Enterprise Best Practices –Part 1VirusScan Enterprise Best Practices –Part 2Course OutlineModule 1: WelcomeAbout this course Locating Resources Lab EnvironmentModule 2: Security Connected and ePolicyOrchestrator OverviewIntroducing McAfee SecurityConnected Manifestation of Security Connected Security Connected Framework Integration with Third-PartyProductsSecurity Connected SolutionPlatform Solution Overview New for this Release Basic Solution Components Web Interface Menu Pages Customizing the User Interface Architecture and Communication User Interface Functional Process Logic Data StorageModule 3: Planning a McAfee ePolicyOrchestrator DeploymentPlanning Overview Recommended Pre-WorkIt is recommended that students have aworking knowledge of Microsoft Windowsadministration, system administration concepts,a basic understanding of computer securityconcepts, and a general understanding ofInternet services. Server Hardware Estimates ePO Server Hardware Requirements ePO Server Operating Systems Translated Languages Microsoft Prerequisite Software SQL Server Database Requirements Supported Web Browsers Virtual Infrastructure Requirements Port RequirementsMcAfee. Part of Intel Security.2821 Mission College BoulevardSanta Clara, CA 95054888 847 8766www.intelsecurity.com

Course Description Deployment Considerations Deployment Scenarios Configuration Storage Area Network (SAN) DevicesModule 5: Managing Permission Sets and UserAccountsPermission Sets Overview Default Permission Sets Configuration GuidelinesManaging Scalability Duplicating or Adding PermissionSet Environmental Factors Implementation Process Checklist Editing or Deleting Permission Sets Change Control Exporting All or Importing User Account Overview Guidelines for Authentication Types Creating User Account Personal Settings Overview Changing Personal SettingsModule 4: Installing ePolicy OrchestratorSoftwarePlatform Requirements Communication PortsDeployment GuidelinesChange Control Editing Default Session TimeoutInterval Database Sizing Managing Scalability Managing Users with AD Environmental Factors Registering LDAP Server Planning Your Installation Enabling Active Directory User Login Mapping Permission Sets Express, Custom, and ClusterInstallation Workflows SQL Server Installation Installing ePO Software Post-Installation Tasks Logging into ePO for the First Time Importing the Root Certificate Using Automatic ProductConfiguration ToolUsing Guided ConfigurationViewing/Editing Port Assignmentsin ePO Maintaining the SQL Database Purging the Database Basic Troubleshooting Configuring ePO for Multiple NICs Upgrading ePOModule 6: Creating and Populating the SystemTreeSystem Tree Overview Planning System Tree:ConsiderationsPlanning System Tree: BordersPlanning System Tree: Ways to BuildTree Planning System Tree: Agent Install Adding Groups Manually Importing System Tree Structure AD and NT Domain SynchronizationOverviewNT Domains SynchronizationOverview Synchronizing NT Domains Configuring Agent Push Settings AD Synchronization OverviewMcAfee. Part of Intel Security.2821 Mission College BoulevardSanta Clara, CA 95054888 847 8766www.intelsecurity.com

Course Description Registering LDAP Server Update vs. Upgrade Synchronizing AD Communications Maintaining Synchronization Installation Overview Moving Groups and Systems Agent Deployment Overview Best Practices Pushing Agent Deploying Agent Using Agent Install PackageCreating Client-side Download URLModule 7: Using the Tag CatalogTag Catalog Who Can Use Tags? Working with Tag Groups Using Smart Installer Adding Tags with New Tag Builder Using Windows Login ScriptApplying and Clearing Tags fromSystems Using Agent Image (Windows) Converting Agent to Managed Mode Removing McAfee Agent Excluding Systems from AutomaticTagging Using the Command-Line forCustomization Viewing Systems Excluded from Tag Applying Criteria-based Tags Using System Tray Icon Managing Tags Viewing Agent Activity LogsModule 8: Sorting the System TreeSystem Tree Sorting Module 10: System InformationSystems Tab Overview How ePO Determines Placement Customizing the Systems Tab Criteria-based Sorting Choosing Columns How IP Address Filtering Works Filtering Data Checking IP Integrity Viewing System Information Changing the Sort Order Using System Information Monitors Initiating Sort Now Customizing Summary Monitor Initiating Test Sort Customizing Properties Monitor Initiating Move Systems Customizing Chart Monitor Using System Information Tables System Properties Tab OverviewModule 9: McAfee AgentSolution Overview McAfee Agent and SuperAgent Managed Systems New This Release Planning the Installation orDeployment Platform Requirements Installation vs. DeploymentMcAfee. Part of Intel Security.2821 Mission College BoulevardSanta Clara, CA 95054888 847 8766www.intelsecurity.com

Course DescriptionModule 11: Client TasksClient Tasks Overview Manually Installing Extensions Manually Checking in Packages Using Client Tasks Creating Client Task Editing Client Task Product Deployment Overview Deleting Client Task Product Deployment Project Duplicating Client Task Assigning Client Task Task Inheritance Editing Task to Block Inheritance Other Client Tasks VirusScan On-Demand Scan Task McAfee Agent Wakeup (Windowsonly)McAfee Agent: Mirror Repositories(Windows)Product Deployment Policy CatalogDuplicating, Creating, and EditingPolicyCheckpoint: ePO SummaryDashboardCreating a Product DeploymentProjectManaging Deployment ProjectsViewing Details for ProductDeployments Client Task Catalog Product Update ConsiderationsMcAfee Agent Statistics Client TaskModule 12: Managing PoliciesPolicies Overview Module 14: RepositoriesMaster Repository Source Repositories Fallback Site Distributed Repositories Default Repositories Repository Platforms and Roles Repository Branches Adding Source Site Ensuring Access to Source Site Changing the Owner of a Policy Enabling or Disabling Fallback Site Exporting and Importing a Policy Editing or Deleting Site Renaming or Deleting Policy Adding Distributed Repository Enabling Folder Sharing Locking Assignment andEnforcement Policy Assignment and EnforcementViewing and Resetting BrokenInheritance SuperAgent LazyCaching Creating a Hierarchy of SuperAgents Agent Relay Capability Collecting McAfee Agent StatisticsPolicy ComparisonModule 13: Deploying Software for ManagedSystemsAcquiring Software Components Software Manager Using the Software ManagerCreating SuperAgent DistributedRepositoryAdding Unmanaged or LocalRepository Permission Sets Export and ImportMcAfee. Part of Intel Security.2821 Mission College BoulevardSanta Clara, CA 95054888 847 8766www.intelsecurity.com

Course DescriptionModule 15: Product Maintenance withRepositoriesGlobal Updating OverviewModule 17: Working with Queries and ReportsQueries and Reports Overview Requirements for Global UpdateSuperAgent Repositories and GlobalUpdating Working with Queries Basic Query Page Controls Using Queries as DashboardMonitors Enabling Global Updating CommonUpdater AutoUpdate Process Incremental Updating Update Progress Dialog Server Tasks Log Drill-down on Log Entries Permission Set for Server Tasks Updating Repositories Creating a Repository Pull Task Making Personal Queries Public Creating Repository Replication Task Duplicating and Sharing Queries Pull and Replication Task Guidelines Importing Queries Working with Reports Settings for Print and Export Creating and Editing Reports Troubleshooting Task FailureModule 16: Managing Dashboards andMonitorsDefault Dashboards Public and Private Queries Using the Query Builder Default and Actionable Queries Using Preconfigured Queries Query Groups and Permissions Multi-Server Data Roll-up Overview Automatic Query Actions Exporting Query Results to OtherFormats Adding Elements to Report Dashboard Actions Configuring Report Elements Assigning Dashboard Permissions Dashboards Guidelines Monitor Guidelines Viewing Report Output Adding, Editing, Removing Monitor Moving a Report to Different Group Dashboards Server Settings Running Reports Specifying Default Dashboards Filtering Events Customizing Report Headers andFootersEditing Default Dashboard RefreshInterval Designing Dashboards Performance Optimizer Types of Assessments Server Assessment TaskMcAfee. Part of Intel Security.2821 Mission College BoulevardSanta Clara, CA 95054888 847 8766www.intelsecurity.com

Course DescriptionModule 18: Automatic Responses andNotificationsHow the Automatic ResponsesFeature WorksModule 20: Disaster RecoveryDisaster Recovery Overview Enabling Default Rules Automatic Response Builder Configuring Independent Rules Preparing Components andPermissions How Disaster Recovery Works Using Server Task for Snapshot Taking Snapshot from Dashboard Identifying Server Snapshot StatusDetermining a Disaster RecoveryPlanScenario: Simple Disaster RecoveryPlan Assigning Permissions Specifying Email Contacts List Configuring Email Server Determining Events to Forward Configuring Event Interval Specifying SNMP Server Recovery Installation Workflow Importing .MIB Files Performing Recovery Installation Specifying Registered Executables Disaster Recovery Best PracticesModule 19: Database Maintenance and ServerUtilitiesMaintenance Overview Automating Maintenance with ServerTasksEditing Permission Sets for ServerTaskUsing cron Syntax in SchedulePurge OverviewPurging Data Manually andAutomatically Features and Benefits Basic Components DATs (Signatures) Scan Engine DAT and Scan Engine Updates Artemis and McAfee Labs Optional Components Planning a VSE DeploymentSupported Operating SystemsSupported Language Choices Purging Records Using Queries Editing Event Filtering Settings Backup Overview Manually Initiating a Backup Restore Overview Initiating a RestoreTransaction Log OverviewShrinking Transaction LogUsing Transact-SQLManaging Server SettingsScenario: Cold/Hot Spares - OnePhysical SiteScenario: Cold/HotSpares - Two Physical SitesModule 21: VirusScan Enterprise OverviewSolution Overview Scenario: Server ClustersGuidelines for Special InstallationCases Installation Overview Preconfiguring, Deploying, Updating Using McAfee Installation Designer Using the VirusScan Console Testing VirusScan VSE Removal OptionsMcAfee. Part of Intel Security.2821 Mission College BoulevardSanta Clara, CA 95054888 847 8766www.intelsecurity.com

Course DescriptionModule 22: VirusScan Best Practices - Part 1Access Protection Overview Configuring Access Protection Buffer Overflow Protection Overview On-Access Scanning Overview Configuring On-Access Scanning On-Delivery Email Scanner Overview Configuring System Utilization Filtering 1051 and 1059 EventsPotentially Unwanted ProgramsOverviewConfiguring PUPs Processes You Can Add as Low-Risk Configuring Buffer OverflowProtection Configuring On-Delivery Email ScanPoliciesQuarantine ManagerConfiguring Quarantine ManagerPolicies On-Demand Scanning Overview Configuring On-Demand Scan Task VirusScan Mirror Task Server Tasks Monitoring and Analyzing Protection Fine-tuning ProtectionModule 23: VirusScan Best Practices - Part 2Disabling Processes on Enable Configuring Scanning of TrustedInstallers Exclusions Overview Adding/Editing Exclusion Items Using Wildcard Exclusions Symbols Managing Exclusions with HardwarePaths Windows File Protection McAfee Agent Exclusions Defining Low / High-Risk ProcessesPoliciesDetermining Number of ScanningPoliciesIntel and the Intel logo are registered trademarks of the Intel Corporation in the US and/or other countries. McAfee and the McAfee logo are registeredtrademarks or trademarks of McAfee, Inc. or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the propertyof others. The product plans, specifications and descriptions herein

Installing McAfee ePO . Register Now for Training. Course Description McAfee. Part of Intel Security. 2821 Mission College Boulevard Santa Clara, CA 95054 888 847 8766 www.intelsecurity.com Agenda At A Glance Continued Day 2 Sorting the System Tree McAfee Agent System Information Client Tasks Managing Policies Deploying Software for Managed Systems Day 3 Repositories Product