Configuration Guide for McAfee enterprise v8.0i

McAfee is called coffee. Recently, I have been asked a question about coffee. So I decided to write something like this. I hope it will be helpful to my friends who use coffee. ^_^

Open the coffee service console, right-click the taskbar icon, or open the menu from the Start menu. You can see the following interface:

In the following order

Access protection

Unknown. I don't know!

For example, I now know that there is a trojan named Blazer5, which is always connected to port 5000. It is quite uncomfortable to set it here to block port 5000, as shown in figure

Here, you can set your shared resources, mainly because there are already many built-in rules. You can disable file creation in the Windows directory to prevent Trojan damage, it is difficult to install software temporarily, but the security is indeed very good. By default, you cannot double-click the running file to open a compressed file, as shown in the preceding setting, because some compressed Packages may have malicious code, run some malicious programs in the Temporary Folder. Whether or not to enable the programs depends on your choice.

Buffer Overflow Protection

This is to prevent some viruses from spreading by exploiting the buffer overflow vulnerability, but opening it will cause a lot of trouble. We recommend that you disable it.

Email Delivery Scanner

The settings here are put behind and explained together with the access scan program, because they are very similar

Harmful program policies

It is recommended to enable all of them, but some of your special software may become a virus in the future.

Scan programs by Access

This is the key setting for coffee maker instant protection.

Here we need to change some settings. We recommend that you shut down the detection floppy disk during Shutdown. Otherwise, it will be annoying. The following scan time is a difficult setting to change. If the scan time is too short, you may not be able to finish the check, if it is too long, it will be very slow to have a large file, but fortunately this is the longest detection time. You have read it yourself ^_^

There is nothing to say about the following options. The default value is good.

This is a good setting. You can set different processes with high and low risks. For example, some viruses like to use the names of system processes, which is of course high risk, in this way, you can relax the settings for low-risk processes to reduce system resource usage. If you have time, you can change the settings.

Scan files here, you can set to only detect when reading files, which can save some resources, of course, also give up security. If you are on a LAN, we recommend that you check the network drive. Scan file type. We recommend that you select the default type for Access Scanning. Generally, some types are not commonly used, including some. BAK files are not very harmful. At least they will not run now. If you are not particularly worried, select the default type. The following is the exclusion list, that is, the folder that is not scanned. For example, if the cracked Serv-U is used as a virus, you can exclude the Serv-U folder. We recommend that you add the isolation folder of drive C to it. Otherwise, it may pop up annoying when you want to delete the virus. ^_^

Here we will talk about whether to scan compressed files. My suggestion is not to scan, because scanning will take a lot of time and there will be viruses in the instant, and we need to decompress them first, that is, decompress the package directly to the Temporary Folder. At this time, coffee EE will automatically detect the package. You have chosen it by yourself.

We recommend that you use the default method for virus detection.

We recommend that you use the default harmful program policy.

Scan all fixed disks (On-demand scanning program)

Here, it seems to be a common setting, but it actually hides many things ~ For example, you can automatically scan the memory or some sensitive folders when the system is idle. Create an on-demand scan task with the target memory or sensitive folders (such as C:/Windows/), and then click schedule

In this way, he will scan when the system is idle.

It is the same as the preceding settings, but it is no longer a real-time protection. Of course, we need to detect the compressed package ~

Very considerate settings, you can choose the CPU usage during the detection, too low will make the detection speed slow. If you have set the memory to be scanned during idle time, you can lower it here.

This is an additional virus library for coffee. It mainly adds detection for 3721. decompress the package and copy it to C:/program files/common files/Network Associates/engine.

Click to browse this file

I was really tired when I typed this word. I was going to write a common problem, but when I really want to write it, I found there was nothing to write ...... Now I have the official Simplified Chinese instruction manual of coffee for a while to transfer it to FTP. It is very detailed, but I have never read it carefully.

From: http://www.blueidea.com/computer/soft/2005/2407.asp