Checklist - Are You Prepared For An Outbreak; Other Methods To Recognize An Outbreak; Network Utilization Key Indicators - McAfee EPOLICY ORCHESTRATOR 3.6 - WALKTHROUGH GUIDE Manual

®
ePolicy Orchestrator 3.6 Walkthrough Guide
Checklist — Are you prepared for an outbreak?

Other methods to recognize an outbreak

Network utilization key indicators

Know your network and specifically what creates traffic, and how much, on it.
The ePolicy Orchestrator software has been fully installed and implemented.
An anti-virus software product has been installed and configured on your systems.
For example, McAfee VirusScan Enterprise 8.0i.
Your anti-virus software is up-to-date with the latest virus definition (
are performing regular, scheduled updates of the virus scanning engine and virus
definition ( ) files for each of the anti-virus products that you manage through
DAT
ePolicy Orchestrator. You can also use reports to determine coverage. For more
information and instructions, see the reporting guide.
Turn off all network appliances and services you are not using.
Examine which services need inbound and outbound traffic, and which ports they
use. (Specifically, which of the first 1024 ports are used. On your gateway firewall,
disallow traffic on ports not used by your appliances and services.
Examine what types of e-mail attachments are acceptable in your environment, and
disallow others.
Your Microsoft products running on managed systems are up-to-date with the latest
patches and Service Packs. (Generally, Microsoft releases these on a monthy basis.)
You can use McAfee System Compliance Profiler to ensure all of your systems are
compliant to the latest Microsoft patches and Service Packs.
You have configured Notifications to send a message to you or others when
specified events (like a virus detection) are received and processed by the server.
The Rogue System Detection feature is implemented to recognize and deploy
agents to rogue systems and devices coming on to your network.
You are performing regular, scheduled updates of products through ePolicy
Orchestrator to ensure your security products are running the latest patch or Service
Pack.
You have enabled the agent wakeup call and tested the agent's communication with
the systems on your network.
There are several key indicators that you can use to determine if your network is
experiencing an outbreak. The following key indicators are covered in this section:
Network utilization key indicators.
E-mail utilization key indicators.
Virus detection events.
The following are indicators that network utilization may be affected by an outbreak:
Users complain of slowness. Users are often the first to notice when a full-scale
outbreak is taking place. Systems slow down, network systems stop responding,
and applications start displaying messages.
Checklist — Are you prepared for an outbreak?
74
Outbreaks
) files. You
DAT
7