Red Hat SYSTEM 8.0 - MIGRATION GUIDE 7.X TO 8.0 Przewodnik Instalacji Pobierz pdf (Strona 13)

1. Strategize

2. Prepare a pilot environment

3. Install and configure

4. Do initial tuning

5. Activate adaptive mode (optional)

6. Refine tuning

7. Perform maintenance and expand

1. Strategize

The first step in the tuning process is to think through your system protection strategy. Set

realistic goals and create a pilot and deployment plan to match.

Define the priorities of the pilot

Make sure you understand your security goals and align the pilot process to match. You might

identify a few specific issues to block immediately, or allow a general monitoring period to learn

more about what really happens in the client community. Each organization chooses a different

balance between protection and productivity. Clear priorities at the beginning streamline the

process.

Ask yourself these questions:

• What are the specific security exposure areas or recent incidents flagged in audits?

• Which systems are the most vulnerable?

• Are mobile laptops a priority?

• Do regulations mean I must reduce vulnerabilities in a key user community or system group?

For many customers, the greatest vulnerabilities are on laptops that leave the controlled

enterprise environment. These systems represent excellent first targets for IPS. Some customers

would like to bolster key server protections. We suggest these business-critical systems be

piloted at a more conservative pace. Write down your key goals, and the next few steps will

help you prioritize.

Define the pilot environment

Choose a small set of pilot systems on which to run a test adoption. By selecting no more than

100 nodes on three subnets, you will be able to move up gradually from initially conservative

protection levels. A step-by-step expansion lets you readily manage any issues as they emerge.

Differentiate the major classes of systems and include them selectively in your pilot. From lowest

to highest implementation complexity, Host IPS can support:

• Standardized desktops or laptops where general users do not have administrative privileges

to install or delete applications on their systems. You can create multiple user profiles, each

with a defined standard application environment.

• Customized power-user desktops or laptops where specialized users retain administrative

privileges to install their own applications. Power users typically include administrators and

software developers. Occasionally, administrative privileges appear as an artifact of the

business. Ideally, any systems that don’t require administrative control should have these

privileges eliminated to reduce the range of system types that must be profiled and tuned.

Best Practices for Quick Success

1. Strategize

13McAfee Host Intrusion Prevention 8.0 Installation Guide

1 2 ... 8 9 10 11 12 13 14 15 16 17 18 ... 48 49

Brak uwag

Red Hat SYSTEM 8.0 - MIGRATION GUIDE 7.X TO 8.0 Przewodnik Instalacji Strona 13