Please note, the default policies have been transfered across to the latest version of McAfee products (ENS 10.x) and this page will be updated to reflect the final settings at a later date
Policies from VSE 8.8 are migrated to ENS 10.x as shown here:
Agent:
General
General Tab |
||
|
Default Settings |
Configured (if different) |
General options: |
|
|
Policy enforcement interval (minutes): |
5 |
|
Show the McAfee system tray icon (Windows only) |
On |
|
Allow end users to update security from the McAfee system tray menu |
Off |
|
Enable agent wake-up call support |
On |
|
Enable super agent wake-up call support (Windows only) |
On |
|
Accept connections only from the ePO server |
On |
|
Convert agents to SuperAgents (Windows only) |
On |
|
Use systems running SuperAgents as distributed repositories |
Off |
|
Run agent processes at lower CPU priority (Windows only) |
On |
|
Reboot options after product deployment (Windows only): |
|
|
Prompt user when a reboot is required |
On |
|
Force automatic reboot after (seconds) |
Off |
|
Agent-to-server communication: |
|
|
Enable agent-to-server communication |
On |
|
Agent-to-server communication interval |
60 |
|
Initiate agent-to-server communication within 10 minutes after startup if policies are older than (days): |
1 |
|
Send full product properties in addition to system properties. If unchecked only minimal product properties are sent in addition to system properties |
On |
|
Events tab |
||
|
Default Settings |
Configured (if different) |
Priority event forwarding: |
|
|
Enable priority event forwarding |
On |
|
Forward events with a priority equal or greater than: |
Warning |
|
Interval between uploads (minutes): |
5 |
|
Maximum number of events per upload: |
10 |
20 |
Logging Tab |
||
|
Default Settings |
Configured (if different) |
Agent Activity Log options: |
|
|
Enable Agent Activity Log |
On |
|
File message limit in lines (on Windows) or KB (on Unix): |
200 |
|
Enable detailed logging |
Off |
|
Enable remote access to log |
Off |
On |
Updates Tab |
||
|
Default Settings |
Configured (if different) |
Product update log file: |
None |
|
Post-update options: |
None |
|
DAT file downgrades: |
|
|
Enable DAT file downgrades when the version in the repository is older than local version |
Off |
|
Repository branch to use for each update type: |
|
|
Select which branch to use for each update type No packages are available in the repository |
|
|
Signatures and engines: |
All set to Current |
|
Patches and service packs: |
All set to Current |
|
Repository
Repositories tab |
||
|
Default Settings |
Configured (if different) |
Repository list selection: |
|
|
Use this repository list |
On |
|
Use other repository list |
Off |
|
Select repository by: |
|
|
Ping time |
On |
|
Ping timeout (seconds): |
30 |
|
Repository list: |
|
|
Automatically allow clients to access newly-added repositories |
Off |
|
1 |
ePO_EPO |
|
2 |
McAfeeHttp |
|
Proxy Tab |
||
|
Default Settings |
Configured (if different) |
Proxy settings: |
|
|
Do not use a proxy |
On |
|
Troubleshooting
General Tab |
||
|
Default Settings |
Configured (if different) |
Language options: |
|
|
Select language used by agent: (Windows, Mac OSX and EWS agents only) |
Off |
|
Anti-malware for Mac 9.0.0
General Tab |
||
|
Default Settings |
Configured (if different) |
General policies controlling overall functioning of Anti-malware |
|
|
On-access Scan |
On |
|
On-access Scan Tab |
||
|
Default Settings |
Configured (if different) |
On-access Scan policies |
|
|
Scan contents of Archives and Compressed Files |
Off |
On |
Scan Apple Mail Messages |
Off |
On |
Scan files on Network Volumes |
Off |
|
Maximum scan time (seconds) |
45 |
|
Scan files |
On Write |
|
When a virus is found |
Clean |
|
If the above action fails |
Quarantine |
|
When a spyware is found |
Clean (Greyed out) |
|
If the above action fails |
Quarantine (Greyed out) |
|
On-demand Scan Tab |
||
|
Default Settings |
Configured (if different) |
On-demand Scan policies |
|
|
Scan contents of Archives and Compressed Files |
On |
|
Scan Apple Mail Messages |
On |
|
When a virus is found |
Clean |
|
If the above action fails |
Quarantine |
|
When a spyware is found |
Clean (Greyed out) |
|
If the above action fails |
Quarantine (Greyed out) |
|
Exclusions Tab |
||
|
Default Settings |
Configured (if different) |
Exclude specific disks, files and folders |
None |
|
On-access scan |
Off |
|
On-demand scan |
Off |
|
VirusScan 8.8:
On-Access General Policies
General Tab |
||
|
Default Settings |
Configured (if different) |
Scan: |
Scan |
Scan |
Boot Sectors |
On |
|
Floppy during shutdown |
Off |
|
Processes on enable |
Off |
On |
Trusted installers |
Off |
|
|
|
|
Enable on-access scanning: |
|
|
Enable on-access scanning at system startup |
On |
|
Enable on-access scanning when the policy is enforced. |
On |
|
Maximum scan time: |
|
|
Enforce a maximum scanning time for all files |
On |
|
Maximum scan time (seconds) |
(45) |
|
|
|
|
Cookies: |
|
|
Scan cookie files |
On |
|
|
|
|
Artemis (Heuristic network check for suspicious files: |
|
|
Sensitivity level |
Very Low |
High |
ScriptScan tab |
||
|
Default Settings |
Configured (if different) |
Enable ScriptScan |
On |
|
ScriptScan exclusions |
None |
|
Blocking Tab |
||
|
Default Settings |
Configured (if different) |
Message: |
|
|
Send a message |
Off |
|
Block the connection: |
|
|
Block the connection when a threatened file is detected in a shared folder. |
On |
|
Unblock connection after |
10 minutes |
|
Block the connection when a file with a potentially unwanted program is detected in a shared folder. |
Off |
|
Messages Tab |
||
|
Default Settings |
Configured (if different) |
User message: |
|
|
Show messages dialog when threat detected |
On |
|
Notify the user when a cookie detection occurs |
Off |
|
Message text |
VirusScan Alert! |
|
Actions available to user: |
|
|
Remove messages from list |
On |
|
Clean files |
On |
|
Delete files |
Off |
|
Reports Tab |
||
|
Default Settings |
Configured (if different) |
Log to file |
On (default file) |
|
Log file location |
%DEFLOGDIR%\OnAccessScanLog.txt |
|
Limit size of log file |
On |
20MB |
Format |
Unicode (UTF8) |
|
What to log in addition to virus activity: |
|
|
Session settings |
Off |
|
Session summary |
On |
|
Failure to scan encrypted files |
On |
|
On-Access Default Process Policies
Processes Tab |
||
|
Default Settings |
Configured (if different) |
Configure one scanning policy for all processes |
On |
|
Configure different scanning policies for high-risk, low-risk and default processes |
Off |
|
Scan Items tab |
||
|
Default Settings |
Configured (if different) |
Scan files: |
|
|
When writing to disk |
On |
|
When reading from disk |
On |
|
On network drives |
Off |
|
Opened for backup |
On |
|
File types to scan: |
All files |
|
Heuristics: |
|
|
Find unknown unwanted programs and trojans |
On |
|
Find unknown macro threats |
On |
|
Compressed files: |
|
|
Scan inside archives (eg .ZIP) |
Off |
On |
Decode MIME encoded files |
Off |
|
Unwanted Program Detection : |
|
|
Detect unwanted programs |
On |
|
Exclusions tab |
||
|
Default Settings |
Configured (if different) |
What not to scan |
None |
|
How to handle client exclusions |
On |
|
Actions Tab |
||
|
Default Settings |
Configured (if different) |
When a threat is found: |
|
|
Perform this action first |
Clean files automatically |
|
If first action fails |
Delete files automatically |
Deny access to files |
When an unwanted program is found: |
|
|
Perform this action first |
Clean files automatically |
|
If first action fails |
Delete files automatically |
Deny access to files |
On-Access Low-risk Process Policies
Low-Risk Processes Tab |
||
|
Default Settings |
Configured (if different) |
Processes |
Aexauditpls.exe |
|
Scan Items tab |
||
|
Default Settings |
Configured (if different) |
Scan files: |
|
|
When writing to disk |
On |
|
When reading from disk |
On |
|
On network drives |
Off |
|
Opened for backup |
On |
|
File types to scan: |
All files |
|
Heuristics: |
|
|
Find unknown unwanted programs and trojans |
Off |
|
Find unknown macro threats |
Off |
|
Compressed files: |
|
|
Scan inside archives (eg .ZIP) |
Off |
|
Decode MIME encoded files |
Off |
|
Unwanted Program Detection : |
|
|
Detect unwanted programs |
On |
|
Exclusions tab |
||
|
Default Settings |
Configured (if different) |
What not to scan |
None |
|
How to handle client exclusions |
On |
|
Actions Tab |
||
|
Default Settings |
Configured (if different) |
When a threat is found: |
|
|
Perform this action first |
Clean files automatically |
|
If first action fails |
Delete files automatically |
Deny access to files |
When an unwanted program is found: |
|
|
Perform this action first |
Clean files automatically |
|
If first action fails |
Delete files automatically |
Deny access to files |
On-Access High-risk Process Policies
High-Risk Processes Tab |
||
|
Default Settings |
Configured (if different) |
Processes |
42 processes |
|
Scan Items tab |
||
|
Default Settings |
Configured (if different) |
Scan files: |
|
|
When writing to disk |
On |
|
When reading from disk |
On |
|
On network drives |
Off |
|
Opened for backup |
On |
|
File types to scan: |
All files |
|
Heuristics: |
|
|
Find unknown unwanted programs and trojans |
On |
|
Find unknown macro threats |
On |
|
Compressed files: |
|
|
Scan inside archives (eg .ZIP) |
Off |
On |
Decode MIME encoded files |
Off |
|
Unwanted Program Detection : |
|
|
Detect unwanted programs |
On |
|
|
Exclusions tab |
||
|
Default Settings |
Configured (if different) |
What not to scan |
None |
|
How to handle client exclusions |
On |
|
Actions Tab |
||
|
Default Settings |
Configured (if different) |
When a threat is found: |
|
|
Perform this action first |
Clean files automatically |
|
If first action fails |
Delete files automatically |
Deny access to files |
When an unwanted program is found: |
|
|
Perform this action first |
Clean files automatically |
|
If first action fails |
Delete files automatically |
Deny access to files |
On Delivery Email Scan Policies
Scan Items tab |
||
|
Default Settings |
Configured (if different) |
Scanning of Email |
On (Enable On-Delivery E-mail Scanner) |
|
Attachments to scan: |
All files |
|
Heuristics: |
|
|
Find unknown program threats and trojans |
On |
|
Find unknown macro threats |
On |
|
Find attachments with multiple extensions |
Off |
|
Compressed Files: |
|
|
Scan inside archives (e.g. Zip) |
On |
|
Decode MIME encoded files |
On |
|
Unwanted programs detection: |
|
|
Detect unwanted programs |
On |
|
E-mail message body (for Microsoft Outlook only): |
|
|
Scan e-mail message body |
On |
|
Artemis (Heuristic network check for suspicious file)s: |
|
|
Security level |
Very Low |
High |
Actions Tab |
||
|
Default Settings |
Configured (if different) |
When a threat is found: |
|
|
Perform this action first |
Clean attachments |
|
Secondary action |
Move attachments to a folder |
|
When an unwanted program attachment is found: |
|
|
Perform this action first |
Clean attachments |
|
Secondary action |
Move attachments to a folder |
|
Move to folder |
Quarantine |
|
Allowed Actions in Prompt dialog box: |
|
|
Clean attachment |
On |
|
Delete attachment |
On |
|
Move attachment |
On |
|
Delete Mail (for Outlook Scan only) |
On |
|
Alerts Tab |
||
|
Default Settings |
Configured (if different) |
E-mail Alert: |
|
|
Send alert mail to user |
Off |
|
Prompt for action message: |
Greyed out |
|
|
|
|
Notes Scanner Settings Tab |
||
|
Default Settings |
Configured (if different) |
Server Scanner Settings: |
|
|
Scan all server databases |
Off |
|
Scan server mailboxes |
On |
|
Mailbox root folder |
!!mail\ |
|
Advanced Options : |
None |
|
Reports Tab |
||
|
Default Settings |
Configured (if different) |
Log file: |
|
|
Enable activity logging |
On (default log file) |
|
Log file location: |
%DEFLOGDIR%\EmailOnDeliveryLog.txt |
|
Limit size of log file |
On |
20MB |
Format |
Unicode (UTF8) |
|
What to log in addition to scanning activity: |
|
|
Session settings |
Off |
|
Session summary |
On |
|
Failure to scan encrypted files |
On |
|
General Options Policies
Display Options Tab |
||
|
Default Settings |
Configured (if different) |
System tray icon: |
On (Show the system tray icon with all menu options) |
|
Console options: |
|
|
Allow this system to make remote console connections to other systems |
On |
|
Display managed tasks in the client console |
Off |
|
Disable default AutoUpdate task schedule |
Off |
|
Enable splash screen |
On |
|
Console Language settings: |
Automatic |
|
Password Options Tab |
||
|
Default Settings |
Configured (if different) |
User interface password: |
No password |
|
If you enable password protection, select the objects you wish to have password protected. |
|
|
Global Scan Setting Tab |
||
|
Default Settings |
Configured (if different) |
Scan Cache: |
|
|
Enable saving scan data across reboots |
On |
|
Allow On-Demand scans to utilize the scan cache |
On |
|
Alert Policies
Alert Manager Alerts Tab |
||
|
Default Settings |
Configured (if different) |
Components that generate alerts: |
|
|
On-Access Scan |
On |
|
On-Demand Scan and scheduled scans |
On |
|
Email Scan |
On |
|
AutoUpdate |
On |
|
Access Protection |
On |
|
Alert Manager options: |
|
|
Disable alerting |
Off |
|
Enable centralized alerting |
|
|
Enable alert manager alerting |
On |
|
Specify the location of the Alert Manager server that receives alerts: |
|
|
Do not use Active Directory Lookup |
|
|
Additional Alerting Options Tab |
||
|
Default Settings |
Configured (if different) |
Severity Filter |
Suppress Information alerts (severity < 1) |
|
Local Alerting: |
|
|
Log to local application event log |
On |
|
Send SNMP trap using SNMP service |
Off |
|
Access ProtectionPolicies
Access Protection Tab |
||
|
Default Settings |
Configured (if different) |
Access Protection Rules: |
|
|
Enable Access Protection |
On |
|
Prevent McAfee services from being stopped |
On |
|
Please note that the table below displays just the configured settings, NOT the default settings. |
|||||
Categories |
Block |
Report |
Rules |
||
|
Default |
Configured |
Default |
Configured |
|
Anti-spyware Standard Protection |
|
|
|
|
Protect Internet Explorer favorites and settings |
Anti-spyware Maximum Protection |
|
|
|
|
Prevent installation of new CLSIDs, APPIDs and TYPELIBs |
|
|
|
|
|
Prevent all programs from running files from the Temp folder |
|
|
|
√ |
|
Prevent execution of scripts from the Temp folder |
Anti-virus Standard Protection |
|
|
|
|
Prevent registry editor and Task Manager from being disabled |
|
|
|
|
|
Prevent user rights policies from being altered |
|
|
|
|
|
Prevent remote creation/modification of executable and configuration files |
|
√ |
|
√ |
|
Prevent remote creation of autorun files |
|
|
|
|
√ |
Prevent hijacking of .EXE and other executable extensions |
|
|
|
|
|
Prevent Windows Process spoofing |
|
√ |
|
√ |
|
Prevent mass mailing worms from sending mail |
|
√ |
|
√ |
|
Prevent IRC communication |
|
|
|
|
|
Prevent use of tftp.exe |
|
|
|
|
|
|
Anti-virus Maximum Protection |
|
|
|
|
Prevent svchost executing non-Windows executables |
|
|
|
|
|
Protect phonebook files from password and email address stealers |
|
|
|
|
|
Prevent alteration of all file extension registrations |
|
|
|
|
|
Protect cached files from password and email address stealers |
|
|
|
|
|
|
Anti-virus Outbreak Control |
|
|
|
|
Make all shares read-only |
|
|
|
|
|
Block read and write access to all shares |
|
|
|
|
|
|
Common Standard Protection |
√ |
|
√ |
|
Prevent modification of McAfee files and settings |
|
√ |
|
√ |
|
Prevent modification of McAfee Common Management Agent files and settings |
|
√ |
|
√ |
|
Prevent modification of McAfee Scan Engine files and settings |
|
|
|
|
|
Protect Mozilla & Firefox files and settings |
|
|
|
|
|
Protect Internet Explorer settings |
|
|
|
|
|
Prevent installation of Browser Helper Objects and Shell Extensions |
|
|
|
|
|
Protect Network Settings |
|
|
|
√ |
|
Prevent common programs from running files from the Temp folder |
|
|
|
|
|
Disable HCP URLs in Internet Explorer |
|
√ |
|
√ |
|
Prevent termination of McAfee processes |
|
|
|
|
|
|
Common Maximum Protection |
|
|
|
|
Prevent programs registering to autorun |
|
|
|
|
√ |
Prevent programs registering as a service |
|
|
|
|
√ |
Prevent creation of new executable files in the Windows folder |
|
|
|
|
|
Prevent creation of new executable files in the Program Files folder |
|
|
|
√ |
|
Prevent launching of files from the Downloaded Programs Files folder |
|
|
|
|
|
Prevent FTP communication |
|
|
|
|
|
Prevent HTTP communication |
|
|
|
|
|
|
Virtual Machine Protection |
|
|
|
|
Prevent Termination of VMWare Processes |
|
|
|
|
|
Prevent modification of VMWare Workstation files & settings |
|
|
|
|
|
Prevent modification of VMWare Server files & settings |
|
|
|
|
|
Prevent Modification of VMWare Virtual machine files |
|
|
|
|
|
|
User-defined Rules |
|
|
|
|
Block exe in AppData\Roaming |
|
Default Settings |
Configured (if different) |
Prevent McAfee services from being stopped |
On |
|
Reports Tab |
||
|
Default Settings |
Configured (if different) |
Log to file: |
On (default file) |
|
Log file location: |
%DEFLOGDIR%\AccessProtectionLog.txt |
|
Limit size of log file |
On |
20MB |
Format |
Unicode (UTF8) |
|
Buffer Overflow Protection Policies
Buffer Overflow Protection Tab |
||
|
Default Settings |
Configured (if different) |
Buffer overflow settings: |
On |
|
Warning mode |
Off |
|
Protection mode |
On |
|
Client system warning: |
On (Show the messages dialog box when a buffer overflow is detected) |
|
Buffer overflow exclusions: |
None |
|
Reports Tab |
||
|
Default Settings |
Configured (if different) |
Log to file: |
On |
|
Log file location: |
%DEFLOGDIR%\BufferOverflowProtectionLog.txt |
|
Limit size of log file |
On |
20MB |
Format |
Unicode (UTF8) |
|
Unwanted Programs Policies
Scan Items Tab |
||
|
Default Settings |
Configured (if different) |
Select categories of unwanted programs to detect: |
|
|
Spyware |
On |
|
Adware |
On |
|
Remote Administration Tools |
On |
|
Dialers |
On |
|
Password Crackers |
On |
|
Jokes |
On |
|
Key Loggers |
On |
|
Other Potential Unwanted Programs |
On |
|
Unwanted program exclusions |
None |
|
User-Defined items Tab |
||
|
Default Settings |
Configured (if different) |
User-defined detections: |
None |
|
Quarantine Manager Policies
QuarantineTab |
||
|
Default Settings |
Configured (if different) |
Quarantine Directory: |
<SYSTEM_DRIVE>\Quarantine |
|
Quarantined data retention: |
|
|
Automatically delete quarantined data |
On |
|
Number of days to keep backed-up data in the quarantine folder |
28 |
|