Subnet Status; Top 25 Subnets; Rogue Sensor Blacklist - McAfee EPOLICY ORCHESTRATOR 4.0.2 Product Manual


Detecting Rogue Systems

Subnet status

Subnet status is the measure of how many detected subnets on your network are covered.
Coverage is determined by the ratio of covered subnets to uncovered subnets on your network.
Subnet states are categorized into these groups:
• Contains Rogues
• Covered
• Uncovered

NOTE: Subnets must be known by the ePO server or be seen by a sensor to fall into one of
these categories.

Contains Rogues

Subnets that contain rogue systems are listed in the Contains Rogues category to make it easier
to take action on them.

Covered

Covered subnets have sensors installed on them that are actively reporting information to the
ePO server about detected systems. The Covered subnets category also includes the subnets
listed in the Contains Rogues category. For example, the Covered subnets category contains
subnets A, B, and C. Subnet B contains rogues, while A and C do not. All three are listed in the
Covered category; only subnet B is listed in the Contains Rogues category.

Uncovered

Uncovered subnets don't have any active sensors on them. Subnets that are uncovered are not
reporting information about detected systems to the ePO server.

Top 25 Subnets

The Top 25 Subnets list provides the starting IP addresses and subnet range for the 25 subnets
that contain the most rogue system interfaces on your network. When a top 25 subnet is
selected, the rogue system interfaces it contains are displayed in the adjacent Rogue System
Interfaces by Subnet table.
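
The following Python example is added here and is not taken from the McAfee guide or from ePO itself. It models the three subnet categories and the Top 25 ranking over constructed sample data; the function names and addresses are hypothetical, and it assumes rogue interfaces are only reported from subnets that have an active sensor.

```python
import ipaddress
from collections import Counter

# Constructed sample data (not from the manual).
KNOWN_SUBNETS = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24", "10.0.4.0/24"]
ACTIVE_SENSORS = ["10.0.1.10", "10.0.2.10", "10.0.3.10"]    # hosts running a sensor
ROGUE_INTERFACES = ["10.0.2.55", "10.0.2.56", "10.0.3.77"]  # detected rogue interfaces


def owner(ip, nets):
    """Return the known subnet that contains ip, or None if no subnet matches."""
    addr = ipaddress.ip_address(ip)
    return next((n for n in nets if addr in n), None)


def rogue_counts(known, rogues):
    """Count rogue interfaces per known subnet; unknown addresses are ignored."""
    nets = [ipaddress.ip_network(s) for s in known]
    counts = Counter(owner(ip, nets) for ip in rogues)
    counts.pop(None, None)
    return counts


def subnet_status(known, sensors, rogues):
    """Group subnets into Contains Rogues, Covered and Uncovered.

    Contains Rogues is kept as a subset of Covered, matching the A/B/C
    example in the text (assumption: only sensors report rogues).
    """
    nets = [ipaddress.ip_network(s) for s in known]
    covered = {owner(ip, nets) for ip in sensors} - {None}
    with_rogues = {n for n in rogue_counts(known, rogues) if n in covered}
    return {
        "Contains Rogues": sorted(map(str, with_rogues)),
        "Covered": sorted(map(str, covered)),
        "Uncovered": sorted(str(n) for n in nets if n not in covered),
    }


def top_subnets(known, rogues, limit=25):
    """Rank subnets by rogue interface count: (starting IP, range, count)."""
    ranked = sorted(rogue_counts(known, rogues).items(),
                    key=lambda kv: (-kv[1], kv[0]))
    return [(str(n.network_address), str(n), c) for n, c in ranked[:limit]]


if __name__ == "__main__":
    print(subnet_status(KNOWN_SUBNETS, ACTIVE_SENSORS, ROGUE_INTERFACES))
    print(top_subnets(KNOWN_SUBNETS, ROGUE_INTERFACES))
```
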

Rogue Sensor Blacklist

The Rogue Sensor Blacklist is the list of managed systems where you do not want sensors
installed. These can include systems that would be adversely affected if a sensor were installed
on them, or systems you have otherwise determined should not host sensors. Examples include
mission-critical servers where peak performance of core services is essential, such as database
servers or servers in the DMZ (demilitarized zone), and systems that might spend significant
time outside your network, such as laptops.

The Rogue Sensor Blacklist differs from the Exceptions list: systems on the Exceptions
list are those that either can't have an agent on them, or that you don't want categorized as
Rogue, such as printers or routers.

McAfee ePolicy Orchestrator 4.0.2 Product Guide