Product guide
Protecting Your System Access Points
Access protection prevents unwanted changes to your computer by restricting access to specified
ports, files, shares, registry keys, and registry values. It also protects McAfee processes by
preventing users from stopping them. This protection is critical before and during outbreaks.
This feature uses predefined rules and categories and user-defined rules to specify which items
can and cannot be accessed. Each rule can be configured to block and/or report access point
violations when they occur. Predefined rules and categories are subject to content updates via
the McAfee update sites.
NOTE: The access protection feature uses the on-access scanner to detect access point violations.
The on-access scanner must be enabled for the access protection feature to detect attempts
to access ports, files, shares, and registry keys and values.
Contents
How access protection rules are defined
Access point violations and how VirusScan Enterprise responds
Types of user-defined rules
Configuring access protection settings
How access protection rules are defined
Rules are separated into these types and provide these levels of protection.
Rule type descriptions
DescriptionRule type
These preconfigured rules protect your computer from common behaviors of malware
threats. You can enable, disable, and change the configuration, but you cannot delete
these rules.
Anti-virus
Two rule examples are:
• Prevent disabling or changing of critical processes, remote creation or modification
of executable files, hijacking of executable files, Windows Process spoofing, and
mass mailing worms from sending mail.
• Protect phone book files from password and email stealers.
These protection levels apply to anti-virus rules:
• Standard Protection
• Maximum Protection
• Outbreak Control
These preconfigured rules prevent modification of commonly used files and settings.
You can enable, disable, and change the configuration, but you cannot delete these
rules.
Common
13McAfee VirusScan Enterprise 8.7i