Rogue System Detection; The Rogue System Sensor - McAfee EPOLICY ORCHESTRATOR 3.6 - WALKTHROUGH GUIDE Manual

System protection, a product overview and quick set up in a test environment version 3.6

5

Rogue System Detection

Even though you already use ePolicy Orchestrator to manage your security products,
your protection is only as good as your coverage. Deploying agents to the systems you
know about in your network and keeping them up-to-date is only part of a
comprehensive strategy. The next step is ensuring you cover each system that
connects to your network.

In any managed network, there are inevitably a small number of systems that do not
have an agent on them at any given time. These can be systems that frequently log
onto and off from the network, including test servers, laptop systems, or wireless
devices. Unprotected systems are often the weak spot of any security strategy,
creating entry points by which viruses and other potentially harmful programs can
access your network.

Rogue System Detection helps you monitor all the systems on your network — not only
the ones ePolicy Orchestrator manages already, but the rogue systems as well. A rogue
system is any system that is not currently managed by an ePolicy Orchestrator agent,
but should be.

Rogue System Detection provides real-time detection of rogue systems by means of a
sensor placed on at least one system within each network broadcast segment (typically
a subnet). The sensor listens to network broadcast messages and spots when a new
system has connected to the network.

When the sensor detects a new system on the network, it sends a message to the
ePolicy Orchestrator server. The server then checks whether the newly-identified
system has an active agent installed and managed. If the new system is unknown to
the ePolicy Orchestrator server, Rogue System Detection allows you to take
remediation steps including alerting network and anti-virus administrators or
automatically deploying an ePolicy Orchestrator agent to the system.
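
The detection flow described above, as an added example that is not McAfee's sensor or server code. It assumes ARP requests are the broadcast messages the sensor observes and that the server's inventory of managed systems is keyed by MAC address; the function names, frames, and addresses are constructed for illustration.

```python
import struct

BROADCAST = b"\xff" * 6
ETH_ARP = 0x0806

def build_arp_request(src_mac, src_ip, target_ip):
    """Build a constructed Ethernet + ARP request frame (sample data only)."""
    eth = BROADCAST + src_mac + struct.pack("!H", ETH_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 1)
    return eth + arp + src_mac + src_ip + b"\x00" * 6 + target_ip

def parse_broadcast_arp(frame):
    """Sensor step: return (mac, ip) of the sender of a broadcast ARP request, else None."""
    if len(frame) < 42 or frame[:6] != BROADCAST:
        return None
    if struct.unpack("!H", frame[12:14])[0] != ETH_ARP:
        return None
    # Ethernet/IPv4 ARP request: htype=1, ptype=0x0800, hlen=6, plen=4, op=1
    if struct.unpack("!HHBBH", frame[14:22]) != (1, 0x0800, 6, 4, 1):
        return None
    mac = ":".join(f"{b:02x}" for b in frame[22:28])
    ip = ".".join(str(b) for b in frame[28:32])
    return mac, ip

def find_rogues(frames, managed_macs):
    """Server step: report each sender once if it has no managed agent."""
    managed = {m.lower() for m in managed_macs}
    seen, rogues = set(), []
    for frame in frames:
        sighting = parse_broadcast_arp(frame)
        if sighting is None or sighting[0] in seen:
            continue
        seen.add(sighting[0])
        if sighting[0] not in managed:
            rogues.append({"mac": sighting[0], "ip": sighting[1]})
    return rogues

# Constructed sample data: locally administered MACs, documentation-range IPs.
MANAGED = ["02:00:00:00:00:0A"]  # assumption: inventory keyed by MAC address
gateway = bytes([192, 0, 2, 1])
known = build_arp_request(bytes.fromhex("02000000000a"), bytes([192, 0, 2, 10]), gateway)
unknown = build_arp_request(bytes.fromhex("02000000000b"), bytes([192, 0, 2, 20]), gateway)
not_arp = BROADCAST + bytes(6) + struct.pack("!H", 0x0800) + bytes(28)
SAMPLE_FRAMES = [known, unknown, not_arp, unknown[:20], unknown]

if __name__ == "__main__":
    for rogue in find_rogues(SAMPLE_FRAMES, MANAGED):
        print("rogue system:", rogue["mac"], rogue["ip"])
```

Because ARP requests do not cross routers, a listener like this only sees senders in its own broadcast segment, which is why a sensor is needed in each segment.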

The Rogue System sensor

The sensor is the distributed portion of the Rogue System Detection architecture.
Sensors detect systems, routers, printers, and other network devices connected to
your network. The sensor gathers information about the devices it detects, and
forwards the information to the ePolicy Orchestrator server.

The sensor is a small Win32 native executable application. As with an ePolicy
Orchestrator SuperAgent, you must have at least one sensor in each broadcast
segment, usually the same as a network subnet, in your network. The sensor runs on
any NT-based Windows operating system, such as Windows 2000, Windows XP, or
Windows 2003.