Where to find policies
ePolicy Orchestrator provides two locations to view and manage Host Intrusion Prevention
• Systems | System Tree | Policies tab of a selected group in the System Tree
• Systems | Policy Catalog
Use the Policies tab to view the policies of a particular feature of the product, view details of
the policy, view inheritence information, edit policy assignment, and edit custom policies or
create a new policy relating to a selected group or system.
Use the Policy Catalog to create policies, view and edit policy information, view where a policy
is assigned, view the settings and owner of a policy, and view assignments where policy
enforcement is disabled.
To... Do this...
Create a policy Click New Policy, name it, and edit the settings.
Edit a policy Click Edit (only available for My Default or custom policies).
View a policy Click View (only available for McAfee Default or preconfigured policies).
Click Rename and change the name of the policy (not available for default or preconfigured policies).
Rename a policy
Duplicate a policy Click Duplicate, change the name of the policy, and edit the settings.
Managing Your Protection
Management of policies
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0 17
To... Do this...
Click Delete (not available for default or preconfigured policies).
NOTE: When you delete a policy, all groups to which it is currently applied
inherit the policy of this category from their parent. Before deleting a policy,
Delete a policy
look at all of the nodes to which it is assigned, and assign a different policy
if you don’t want the policy to inherit from the parent. If you delete a policy
that is applied at the top level, the default policy of this category is applied.
Click the owner of the policy and select another owner from a list (not available
for default or preconfigured policies).
Assign a policy owner
Click Export, then name and save the policy (an XML file) to the desired location.
Export a policy
Click Export all policies, then name and save the policy XML file to the
Export all policies
Click Import at the top of the Policy Catalog page, select the policy XML file,
then click OK.
For details on any of these features, refer to the ePolicy Orchestrator 4.0 documentation.
I hope the above helps.
Please mark the answer as correct or helpful if it was useful so that others can use it as a ready reference.
I know how i can export policies from EPO server but i need to know how its done from Windows XP workstation? Situation is this... I have tested this HIPS client in workstation. I have teached rules how to manage with programs. Now everything is like i want it to be and i would like to "upload" these rules to EPO server. So i would like to use these rules like Firewall rules for computers. Is this possible?
1 of 1 people found this helpful
All of the client learned rules should be going back to ePO as properties. The Property Translator server task should convert these into client rules which you can view and apply to any named policy. Once you've done that, you can export the policy. The property Translator task can be run manually or will run automatically every 10 minutes be default. If you are not seeing any rules coming back, ensure you have the option to retain client rules checked in your policy (this is the default setting). After applying the rules you want to a named policy, you can uncheck "Retain client rules" and they will clear out after an asci.
Ok i processed the Property Translator server task. Where these rules should be found? Under computers details ( System Details -> Host Intrusion Prevention -> More ) i can see those rules but i cant see exported rules in Policy pages. This should be little easier that this... =)
Check under Reporting->Host IPS-> IPS Client rules or F/W Client Rules or Application Blocking Client rules
Make sure you selcet the correct group.
For ePO 4.5: Menu->Reporting->Host IPS->IPS Client rules or F/W Client Rules or Application Blocking Client rules
Correct answer... Now i found those rules and added rules to policy. Thanks a lot for everybody and specially for Sudeep Garg.