Product guide

ePolicy Orchestrator 4.5 or 4.6
This example analysis is used as a framework for analyzing most VirusScan Enterprise protection
scenarios with ePolicy Orchestrator 4.5 or 4.6.
Before you begin
You must have direct or remote access to a VirusScan Enterprise protected system to perform
this example analysis.
Task
For option definitions, click ? in the interface.
1 Determine where and when the attacks occurred:
a Click Menu | Reporting | Queries to open the Queries pane.
b Type Malware in the Quick find search and click Apply. The Malware Detection History
query appears in the Queries list.
c Select the query and click Actions | Run. The query returns the number of recent
attacks.
2 To determine which malware was used in the attack, click Menu | Reporting | Threat
Event Log to display the Threat Event Log.
3 Double-click the log event to display the details page in the pane. From the log event you
can determine:
• Threat Source IP Address and target are shown to help you determine what actions
  to take.
• Threat Name and Threat Type describe what malware was used in the attack.
• Threat Event Descriptions describe how the attack affected the system and what
  actions were taken on the threat.
ePolicy Orchestrator 4.0
This example analysis is used as a framework for analyzing most VirusScan Enterprise protection
scenarios with ePolicy Orchestrator 4.0.
Before you begin
You must have direct or remote access to a VirusScan Enterprise protected system to perform
this example analysis.
Task
For option definitions, click ? in the interface.
1 Determine where and when the attacks occurred:
a Click Reporting | Queries to open the Queries list.
b From the Public Queries list, select ePO: Malware Detection History and click More
Actions | Run. The Malware Detection History query appears in the Queries list.
2 To view the event that triggered the malware detection, click Reporting | Event Log.
The query returns the number of recent attacks.
3 Double-click the log event to display the details page in the pane. From the log event you
can determine:
Part IV - Monitoring, Analyzing, and Fine-Tuning Your Protection
Analyzing your protection
McAfee VirusScan Enterprise 8.8 Product Guide