Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
344 Views 1 Reply Latest reply: Sep 23, 2013 7:40 AM by kubaros RSS
Tuan Doan Newcomer 9 posts since
Jul 31, 2013
Currently Being Moderated

Sep 9, 2013 5:25 AM

what is the most secure Policy for NSP 7.5 !!

I got a PoC plan for my customer . This is Enterprise Company, Infrastucture is medium with 1000 user . They got firewall ASA, PaloAlto , using VPN connection for user, Got Mail Exchange system, Got Virtualization Server, Got ERP system.

when deploying at default IDS inline between firewall PaloAlto & Core Switch,  NSP just saw some attacks like botnet, reconnaissance, P2P application like report which i attacked.

 

report-trungnguyen.png

 

Sothat ,  My Customer asked me , what is most secure Policy for their system. Until now, i have configured Default All inclusive with audit Policy for them .

This is my first time PoC IPS Mcafee,  anyone got experience please help me , give me some advices.

Thank a lot.

  • kubaros Newcomer 26 posts since
    May 7, 2013
    Currently Being Moderated
    1. Sep 23, 2013 7:40 AM (in response to Tuan Doan)
    Re: what is the most secure Policy for NSP 7.5 !!

    hi there,

     

    if you have a mcafee partner account you can download a poc guide which can help. Also, you can install a virtual ntba app which helps a lot for malware, bot detection. if you can, use an M-Series sensor so you can have more abilities. Additionaly, do not forget to enable http response scanning, advance botnet detection, layer7 data collection etc. Lastly, there is a McAfee Logon Collector for user awareness in threats. also there is integration with gti, epo, vulnerability manager etc. You have a lot to consider before a poc Good luck!

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points