Manualshelf

Product guide

ManualsBrandsMcAfee ManualsOtherVIRUSSCAN ENTERPRISE
81828384858687888990
Part IV - Monitoring, Analyzing, and
Fine-Tuning Your Protection
After the initial configuration of your protection strategy, you should monitor, analyze, and
fine-tune your protection. By checking the activity log files and ePolicy Orchestrator queries,
you can improve the performance and the protection of VirusScan Enterprise systems.
Contents
Monitoring activity in your environment
Analyzing your protection
Monitoring activity in your environment
An important step in a protection strategy is monitoring the malware events that occur on your
systems. To do this you need to understand the tools to use and how to use them.
Tools for monitoring activity
VirusScan Enterprise provides many ways to monitor the threat events that occur on your
protected systems. The tools you use depend on whether you use the ePolicy Orchestrator
console or the VirusScan Console.
Query and dashboard uses
Use the ePolicy Orchestrator queries and dashboards to monitor activity on your McAfee managed
systems, and determine what action to take on detections.
For additional information about queries and dashboard see the following:
Refer to
Access queries and dashboards
for a complete list of the predefined queries available.
Refer to the ePolicy Orchestrator product documentation for information about modifying
and creating queries and dashboards.
Activity log uses
The VirusScan Console activity logs store a record of events that occur on your VirusScan
Enterprise protected system. The following table describes the log files.
All activity log files are stored, by default, at one of the following locations, depending on your
operating system:
McAfee VirusScan Enterprise 8.8 Product Guide84