McAfee virusscan tc 6 Betriebsanweisung
Setting Policy for On-Access Scanning
42
McAfee VirusScan TC
6. Select
Enable Centralized Alerting
if you have installed a McAfee
product that includes Alert Manager, such as the NetShield or
GroupShield software, on one or more servers, and want to continue
using it. This feature allows workstations to transmit alerts to a
centralized folder from which Alert Manager can retrieve and distribute
them, using the methods that you configured within Alert Manager.
GroupShield software, on one or more servers, and want to continue
using it. This feature allows workstations to transmit alerts to a
centralized folder from which Alert Manager can retrieve and distribute
them, using the methods that you configured within Alert Manager.
7. In the box labeled
Destination for alerts
, enter the path of the shared
folder. This is the share folder where the workstations will send their
alerts, in the form of .ALR files. It is also the folder from which the
NetShield program retrieves alerts, converts them into its own format,
and distributes them via the methods you have configured for Alert
Manager. Typically the shared folder is located on the NetShield server
where Alert Manager is located. However, you can configure Alert
Manager to look for the folder in a different location.
alerts, in the form of .ALR files. It is also the folder from which the
NetShield program retrieves alerts, converts them into its own format,
and distributes them via the methods you have configured for Alert
Manager. Typically the shared folder is located on the NetShield server
where Alert Manager is located. However, you can configure Alert
Manager to look for the folder in a different location.
æ
IMPORTANT:
Very careful planning is required to assure that
workstations have easy access to the shared folder without
compromising overall network security. Achieving this combination
requires that you a) designate the shared folder as a NullSessionShare,
and b) take advantage of appropriate Windows securities measure for
NTFS systems to protect the NullSessionShare.
compromising overall network security. Achieving this combination
requires that you a) designate the shared folder as a NullSessionShare,
and b) take advantage of appropriate Windows securities measure for
NTFS systems to protect the NullSessionShare.
a. Designate the shared folder that receives the .ALR files as a
NullSessionShare. This allows the workstations to have easy access
to the shared folder without providing login credentials. To do so,
create a name for the shared folder, and add the name to the value
NullSessionShares located in the following registry key on the
NetShield server where Alert Manager is located:
to the shared folder without providing login credentials. To do so,
create a name for the shared folder, and add the name to the value
NullSessionShares located in the following registry key on the
NetShield server where Alert Manager is located:
HKEY_LOCAL_MACHINE
SYSTEM
CurrentControlSet
Services
LanmanServer
Parameters
See your NetShield documentation for more information about
configuring Alert Manager.
configuring Alert Manager.
b. Because a NullSessionShare can result in a security vulnerability,
McAfee strongly recommends that you take advantage of all of the
following security features available for Windows NTFS systems
including:
following security features available for Windows NTFS systems
including:
• granting clients only “write” privileges to the shared folder.
• granting the Alert Manager server privileges for searching,
reading, and deleting only.