Alcatel-Lucent ics dissolvable agent for safeguard Manuel D’Utilisation
ICS Dissolvable Agent for SafeGuard Administration Guide
18
Chapter 3: General Administration Tasks
■
Minimizing security features—Using only one or two features. To make these
features less disruptive, allow end point computers to connect, even if the
operating systems are not supported by the feature.
features less disruptive, allow end point computers to connect, even if the
operating systems are not supported by the feature.
■
Minimizing enforcement rules—Only using enforcement rules for the most
important security requirements, such as requiring an antivirus application. To
make these enforcement rules even less disruptive, set them to ‘warn’ or
‘observe’.
important security requirements, such as requiring an antivirus application. To
make these enforcement rules even less disruptive, set them to ‘warn’ or
‘observe’.
Use the following steps in your security lifecycle:
1
Plan your security implementation.
Use the sample security scenario to help plan your implementation. See
. When planning your security implementation you should
consider the following:
—
What applications do you want to prohibit?
—
Commonly prohibited application types include IM clients, file system
indexers, games, and file sharing applications. For each prohibited application
you should consider whether you want to deny access for users who have it or
simply warn them that the application is prohibited. If you are unsure what
the user impact would be, you can choose to allow access without a warning.
This allows you to track incidents in your reports without troubling the user.
indexers, games, and file sharing applications. For each prohibited application
you should consider whether you want to deny access for users who have it or
simply warn them that the application is prohibited. If you are unsure what
the user impact would be, you can choose to allow access without a warning.
This allows you to track incidents in your reports without troubling the user.
—
What applications do you want to require?
—
Commonly required applications include anti-virus applications and
firewalls.
firewalls.
—
Do you want to protect against keyloggers?
—
Do you want to allow access for end points that have unsupported operating
systems.
systems.
—
What remediation information do you need to provide to your users so they
can become compliant with your policies?
can become compliant with your policies?
2
Configure your security implementation.
Use the Integrity Advanced Server Administrator Console to configure your
security settings. See
security settings. See
.
3
Monitor the results.
Use the reports to see how well ICS is protecting your network and to see its
impact on your end point users. See
impact on your end point users. See
.
4
Return to step 1.
Use the information you obtain from the reports to plan your next configuration.