
Rules can be limited to certain users or user groups by adding them to the User list:
Add – Opens the Object type: Users or Groups dialog window that allows you to select desired users.
Delete – Removes the selected user from the filter.
4.1.4 Host-based Intrusion Prevention System (HIPS)
Host-based Intrusion Prevention System (HIPS) protects your system from malware and unwanted activity
attempting to negatively affect your computer. HIPS utilizes advanced behavioral analysis coupled with the detection
capabilities of network filtering to monitor running processes, files and registry keys. HIPS is separate from Real-time
file system protection and is not a firewall; it monitors only processes running within the operating system.
HIPS settings are located in Advanced setup (F5). To access HIPS in the Advanced setup tree, click Computer > HIPS.
The HIPS state (enabled/disabled) is shown in the ESET Endpoint Security main window, in the Setup pane, on the
right side of the Computer section.
Warning: Changes to the HIPS settings should only be made by an experienced user.
ESET Endpoint Security has a built-in Self-defense technology that prevents malicious software from corrupting or
disabling your antivirus and antispyware protection, so you can be sure your system is protected at all times. Changes
to the Enable HIPS and Enable Self-defense settings take effect after the Windows operating system is restarted.
Disabling the entire HIPS system will also require a computer restart.
Filtering can be performed in one of four modes:
Automatic mode with rules – Operations are enabled, except those blocked by pre-defined rules that protect your system.
Interactive mode – The user is prompted to confirm operations.
Policy-based mode – Operations are blocked.
Learning mode – Operations are enabled and a rule is created after each operation. Rules created in this mode can
be viewed in the Rule editor, but their priority is lower than the priority of rules created manually or rules created in
the automatic mode. After selecting Learning mode, the Notify about learning mode expiration in X days option
becomes active. After that time period is over, learning mode is disabled again. The maximum time period is 14 days.
After this time period is over, a pop-up window will open in which you can edit the rules and select a different filtering
mode.
The HIPS system monitors events inside the operating system and reacts accordingly based on rules similar to the rules
used by the personal firewall. Click Configure rules... to open the HIPS rule management window. Here you can select,
create, edit or delete rules.
In the following example, we will demonstrate how to restrict unwanted behavior of applications:
1. Name the rule and select Block from the Action drop-down menu.
2. Open the Target applications tab. Leave the Source applications tab blank to apply your new rule to all
applications attempting to perform any of the checked operations in the Operations list on applications in the Over
these applications list.
3. Select Modify state of another application (all operations are described in the product help; press the F1 key in the
window, which is identical to the image below).
4. Add one or several applications you wish to protect.
5. Enable the Notify user option to display a user notification whenever the rule is applied.
6. Click OK to save the new rule.