Intrusion Defense Firewall 1.2 User's Guide - Trend Micro? Online ...
Intrusion Defense Firewall 1.2 User's Guide - Trend Micro? Online ...
Intrusion Defense Firewall 1.2 User's Guide - Trend Micro? Online ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Computer Details<br />
The Computer's Details window mirrors the main interface of the IDF Server Plug-in. It displays includes<br />
all the settings and configurations that can be changed to override any settings and configurations.<br />
Computer Information Screen<br />
General<br />
Hostname: The name must be either the IP address of the Computer or the hostname of the<br />
Computer. (Either a fully qualified hostname or a relative hostname may be used if a hostname is<br />
used instead of an IP address.)<br />
Description: a description of the Computer.<br />
Platform: Details of the Computer's OS will appear here.<br />
Domain: The Domain to which the Computer belongs appears in the drop-down list. You can<br />
reassign the Computer to any other existing Domain.<br />
Security Profile: The Security Profile (if any) that has been assigned to this Computer.<br />
Keep in mind that if you unassign a Security Profile from a Computer, Rules may still be in effect<br />
on the Computer if they were assigned independently of the Security Profile.<br />
Asset Importance: IDF Server Plug-in uses a ranking system to quantify the importance of<br />
Security Events. Rules are assigned a Severity Level (high, medium, low, etc.), and Assets<br />
(Computers) are assigned an "Asset Importance" level. These levels have numerical values.<br />
When a Rule is triggered on a Computer the Asset Importance value and the Severity Level value<br />
are multiplied together. This produces a score which is used to sort Events by importance. (Event<br />
ranking can be seen on the Events screens.) Use this Asset Importance drop-down list to<br />
assign an Asset Importance level to this Computer. (To edit the numerical values associated with<br />
severity and importance levels, go to System > System Settings > Ranking.)<br />
Lock Computer (Prevents all communication with client plug-in): Checking this blocks all<br />
communications between the Client Plug-in and the Server Plug-in. The Computer's Security<br />
Profile is still active (all rules are still applied to all traffic), but should any alerts be generated,<br />
they will not be sent to the Server Plug-in.<br />
You may wish to lock out a Computer if you are going to perform some maintenance on it and<br />
don't want a series of alerts to appear in the Server Plug-in.<br />
Status<br />
Computer Status:<br />
o When the Computer is unmanaged the status represents the state of the Client Plug-in<br />
with respect to activation. The status will display either "Discovered" or "New" followed<br />
by the Client Plug-in state in brackets ("No Client Plug-in", "Unknown", "Client Plug-in<br />
Reactivate Required", "Client Plug-in Activate Required", or "Client Plug-in Deactivate<br />
Required").<br />
o When the Computer is managed and no Computer errors are present, the status will<br />
display "Managed" followed by the state of the Client Plug-in in brackets ("Client Plug-in<br />
<strong>Online</strong>" or "Client Plug-in Offline").<br />
o When there are errors on the Computer (e.g., "Client Plug-in Offline", "Client Plug-in<br />
Update Failed", etc.) the status will display the error. When more than one error is<br />
present, the status will display "Multiple Errors" and each error will be listed beneath.<br />
Client Plug-in: Indicates whether the Server Plug-in can communicate with the Client Plug-in.<br />
© Copyright 2010 <strong>Trend</strong> <strong>Micro</strong> Inc. www.trendmicro.com<br />
All rights reserved. - 19 -