Need to create a default Policy for Linux for Endpoint Security Threat Protection
We are trying to deploy McAfee on our Linux boxes but need help building a good
default Policy for Linux for Endpoint Security Threat Protection and on-access scan.
Currently running EPO 5.9.0 plan on upgrading EPO this Fall.
Mcafee agent for Linux 5.6.1 and Endpoint Security for Linux 10.6.3
There is a default OAS policy set in place already when it gets applied to a system. There are certain filetypes that are already set in place to be excluded. I was assigned a similar project last year.
My recommendation would be to try and contact your server / application owners and discuss what applications run on the system that may need to be excluded. More than likely their vendors will have a set list of directories that may need exemption from being scanned.