ePolicy Orchestrator 4.0

Configure the Buffer Overflow Protection Policies with this user interface console.

Task

For option definitions, click ? in the interface.

  1. Click Systems | Policy Catalog, then from the Product list select VirusScan Enterprise 8.8.0. The Category list displays the policy categories for VirusScan Enterprise 8.8.0.
  2. Edit an existing policy or create a new policy: Edit an existing policy
    1. From the Category list, select the policy category.
    2. From the Actions column, click Edit to open the policy configuration page.

    Create a new policy

    1. Click New Policy to open New Policy dialog box.
    2. From the Create a new policy based on this existing policy list, select one of the settings.
    3. Type a new policy name.
    4. Click OK. The new policy appears in the list of existing policies.
  3. From the Settings for list, select Workstation or Server.
  4. From the Buffer Overflow Protection Policies page, click the Buffer Overflow Protection tab and configure the following:
    1. Enable Buffer overflow settings and the protection mode used. Configure the protection mode to either block the exploit or simply send a message and log the event.
    2. Enable the Client system warnings that are sent when a buffer overflow exploit occurs.
    3. Configure Buffer overflow exclusions for specific application programming interface (API) values, plus the optional processes and module names to exclude.
  5. Click the Reports tab, enable the scanning activity log files, where they are stored, their size, and format.
    Note: These log files are very helpful when you diagnose security threats and help determine what actions to take against these threats.

ePolicy Orchestrator 4.0