ePolicy Orchestrator 4.0
Configure the Buffer Overflow Protection Policies with this user interface console.
For option definitions, click ? in the interface.
- Click Systems | Policy Catalog, then from the Product list select VirusScan Enterprise 8.8.0. The Category list displays the policy categories for VirusScan Enterprise 8.8.0.
- Edit an existing policy or create a new policy: Edit an existing policy
- From the Category list, select the policy category.
- From the Actions column, click Edit to open the policy configuration page.
Create a new policy
- Click New Policy to open New Policy dialog box.
- From the Create a new policy based on this existing policy list, select one of the settings.
- Type a new policy name.
- Click OK. The new policy appears in the list of existing policies.
- From the Settings for list, select Workstation or Server.
- From the Buffer Overflow Protection Policies page, click the Buffer Overflow Protection tab and configure the following:
- Enable Buffer overflow settings and the protection mode used. Configure the protection mode to either block the exploit or simply send a message and log the event.
- Enable the Client system warnings that are sent when a buffer overflow exploit occurs.
- Configure Buffer overflow exclusions for specific application programming interface (API) values, plus the optional processes and module names to exclude.
- Click the Reports tab, enable the scanning activity log files, where they are stored, their size, and format.
Note: These log files are very helpful when you diagnose security threats and help determine what actions to take against these threats.