cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

ENS Policy Best Practices

Jump to solution

Dear All,

We understand that there are some character limit for the low risk which we have already been used number of characters is now 7,346, however I heard that, the total character limit would be 16K.

Please suggest me with the following.

1. We had almost 600 plus policies for high/low/default process policy list for OAS.

2. We had to extract the process from all the three and segregated them from all the policies and created safe/standard/toxic.

3. Standard policy will have file and folder exclusion list along with a few process exclusions.

4. Safe would have all the policies consolidated from almost all the existing default process, low and high risk policies.

5. Toxic has a few processes identified for particular applications which we categorized as critical servers, which are the servers with critical applications installed and derived some 300 plus processes.

6. Our aim is to eliminate the file folder exclusions but to keep its respective processes as per the defined categories safe/standard/toxic.

7. Now we have assigned safe policies for the machines irrespective of containers in the system tree as per the categorization against the process list.

8. Toxic we have assigned it to particular servers across the system tree that falls in to this category.

9. Standard we have assigned to the org level, so all the machines would get standard policy from the org level.

10. Then gets the safe or toxic policies.

Suggest me if this is a good approach. Your valuable suggestions are much appreciated.

Regards,

Venu
1 Solution

Accepted Solutions
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 4

Re: ENS Policy Best Practices

Jump to solution

Best practice would be to have a default policy with minimal exclusions applied to all systems. Systems with special applications requiring exclusions should then have seperate policies applied.

As already discussed on other posts, keep the amount of exclusions to an absolute minimum otherwise you compromise the security of your environment. I am glad to hear you are now sorting out the exclusions you apply in your environment!

 

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

View solution in original post

3 Replies
Highlighted

Re: ENS Policy Best Practices

Jump to solution

Hi All,

Can someone one help me with your valuable suggestions. I look forward your reply.

Venu
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 4

Re: ENS Policy Best Practices

Jump to solution

Best practice would be to have a default policy with minimal exclusions applied to all systems. Systems with special applications requiring exclusions should then have seperate policies applied.

As already discussed on other posts, keep the amount of exclusions to an absolute minimum otherwise you compromise the security of your environment. I am glad to hear you are now sorting out the exclusions you apply in your environment!

 

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

View solution in original post

Highlighted

Re: ENS Policy Best Practices

Jump to solution

@chealey

Thank you for the suggestion, I am to initiate a pilot tomorrow, so I asked this question multiple times in order to make myself clear and to avert any possibility of risk/issues once I go live. For now I am relying on the categorization, standard which is default, safe which is common for some set of application servers and toxic for a bunch of critical servers where the processes defined are different from each category.

Thank you once again for your time.

Regards,

 

Venu
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community