Creating rules

You can create rules for a variety of event categories. These include:

  • Access Protection rule violation detected and blocked
  • Access Protection rule violation detected and NOT blocked
  • Computer placed in quarantine mode
  • E-mail content filtered or blocked
  • Intrusion detected
  • Non-compliant computer detected
  • Normal operation
  • Policy enforcement failed
  • Repository update or replication failed
  • Software deployment failed
  • Software deployment succeeded
  • Software failure or error
  • Unknown category
  • Update/upgrade failed
  • Update/upgrade succeeded

All rules are created in the same basic manner by:

  1. Describing the rule.
  2. Setting filters for the rule.
  3. Setting thresholds for the rule.
  4. Creating the message to be sent and the type of delivery.

Copyright © 2006 McAfee, Inc. All Rights Reserved.