cancel
Showing results for 
Search instead for 
Did you mean: 
ztt116
Level 7

SolidCore features list

Is there any document available explaining  this solidcore features list, for example antidos provides protection against repeated attacks from the same IP address. how about the other features? what is it for?

0 Kudos
13 Replies
ldubey
Level 7

Re: SolidCore features list

There is no particular document as such. Please refer to Product Guide (release documents) to have an overview of solidcore features.

0 Kudos
ungert
Level 8

Re: SolidCore features list

I can explain a few off the top of my head.

sadmin features list

activex                        Enabled - Allow ActiveX control

checksum                       Enabled

deny-read                      Disable - Check for when a program reads something . - useful when you want to disable copying a file - causes a little more overhead

deny-write                     Enabled - enabled by default - checks when a program writes

discover-updaters              Enabled - I think  it is used when you do a diagnostic scan to generate a list of recommended updaters

enduser-notification           Enabled - Lets the user know when an block event happens new to ver 6

integrity                      Enabled

mp                             Enabled - memory protection

mp-nx                          Enabled

network-tracking               Enabled

pkg-ctrl                       Enabled

script-auth                    Enabled

Message was edited by: ungert on 4/13/12 7:58:47 AM CDT

Message was edited by: ungert on 4/13/12 7:59:35 AM CDT

Message was edited by: ungert on 4/13/12 8:06:52 AM CDT
0 Kudos
deepak_yadav
Level 9

Re: SolidCore features list

These are ver low level primitives and cannot be referred to as features of the product to someone unfamiliar with the product. Infact, 99% of the customers never see/modify them.

The best way to know more about Solidcore is thru McAfee website

http://www.mcafee.com/in/products/application-control.aspx#=vtab-Benefits

http://www.mcafee.com/in/products/change-control.aspx#=vtab-Benefits

0 Kudos
peebee
Level 7

Re: SolidCore features list

Building on what ungert already posted... a few that he left out:

checksum - This feature calculates the checksum of files in the inventory. The inventory is then cross referenced with those that are defined in the "binary" tab of the Rule Groups. Without the checksum feature you'll be unable to allow/ban based on checksum. You can still define Updaters and Trusted Directories though.

integrity - This is a protection feature that allows Solidcore to protect itself from tampering. This has nothing to do with File Integrity Monitor (FIM). If you know the VSE product then you can compare this to Access Protection for Solidcore (just not nearly as flexible).

mp-nx - This is specifically the No eXecute function of memory protection. NX is a feature of the physical processor that's primarily designed to forego buffer overflow exploits. mp-nx requires mp. You cannot enable mp-nx without having mp enabled.

pkg-ctrl - Package Control feature. Microsoft .msi packed files are not PE-32 or PE-64 therefore Solidcore doesn't identify these as executable. The pkg-ctrl feature was designed to fill this gap by shimming msiexec calls.

script-auth - Again, scripts aren't technically PE-32 or PE-64 executables. Script-auth interprets known script types and shims their execution to validate whether they are or aren't allowed. You can modify the known list of script extensions using sadmin scripts list. You can also add/remove to this list to customize the script-auth feature. See sadmin help scripts.

Message was edited by: peebee on 4/27/12 3:49:20 PM CDT
0 Kudos
vfcw
Level 7

Re: SolidCore features list

How about the rest of the other features?

0 Kudos
jferretti90
Level 7

Re: SolidCore features list

I would really like to see this asnwered as well. I have read ever scrap of documentation I can find as well as searched the forums. I have found that the documentation on the sadmin command seems to be incomplete.
The features in questions for me are:

integrity

mon

mon-ads

mon-file

mon-fattr

mon-proc-exec

mon-reg

mon-uat

network-tracking

pkg-ctrl

popups

signing

signing-fic

ssl


If anyone can point me to documentation that defines these sadmin features, or can define them themself, I would really appreciate it.

on 4/19/13 10:14:48 AM CDT
0 Kudos
cupajotogo
Level 9

Re: SolidCore features list

This is probably a little late but there's a great thread that references these docs here: https://community.mcafee.com/thread/45516

Cheers,

cupajotogo

0 Kudos
SafeBoot
Level 21

Re: SolidCore features list

This thread is over a year with no activity - why resurrect now?

0 Kudos
cupajotogo
Level 9

Re: SolidCore features list

I'm new to this scene so I certainly welcome any coaching you might have to offer. Not trying to resurrect anything but won't folks who are looking for answers still stumble across this unanswered thread? Thought I'd at least point them in the right direction.

Cheers,

cupajotogo

0 Kudos