Manualshelf

Product guide

ManualsBrandsMcAfee ManualsComputer equipmentFIREWALL 2.10
41424344454647484950
5
From the list, add the path of the applications you want to exclude, then click Open.
6
Click to prevent further changes.
To delete an exclusion, select the item, then press fn+delete.
Best practices for application protection
We recommend that you follow this strategy to configure application protection rules that match your
business needs.
Administrators can create clear rules to allow only authorized applications are allowed to execute with
the defined privileges.
We recommend that you run the application protection configuration on a test environment, before
applying it on production systems.
1
Based on your organization's policy, identify the applications:
That are vulnerable but need protection.
That caused a security compromise recently.
That you want to block from execution.
2
Create a test environment in your lab with real-time applications. You can also include a few
real-time users and systems as part of testing.
3
Prepare a list of applications you want to allow, block, or run with restricted network access. We
recommend that initially you create basic rules. Refer to this sample checklist for your
environment:
Application Execution permission Network access
Safari Yes Unrestricted
iTunes Yes No network
Messenger No No network
Firefox Yes Unrestricted
iChat Yes Restricted (No external access)
4
Observe the system behavior and performance for a week and monitor the events regularly during
the test run. Monitoring includes checking the behavior and impact on normal operations, as a
result of application protection rules, application updates, and any new applications that the user
installed.
Check the update or upgrade of applications that are associated with application protection rules.
For example, you have added a rule for Safari. When you upgrade this application to the next
version (major or minor), the updated version is treated as an unknown or modified application. In
this case, appropriate action takes place based on the settings configured for the unknown or
modified application. We recommend that you update your rules.
Whenever an update or upgrade takes place for applications, re-apply the associated rules after the
application update or upgrade.
4
Configuring protection preferences on a standalone Mac
Application protection
42
McAfee Endpoint Protection for Mac 2.1.0 Product Guide