ClearPoint Metrics Scorecard Pack for McAfee ePO

Transcription

ClearPoint Metrics Scorecard Pack for McAfee ePO
© 2008 ClearPoint Metrics (ePOv4.0)
Welcome to ClearPoint Metrics Scorecard Pack for McAfee ePO
Congratulations! You have successfully downloaded the installation package for ClearPoint Metrics
Scorecard Pack for McAfee ePO™. With the Scorecard Pack for McAfee ePO, you can run, view, and
share metrics and scorecards about your McAfee e-Policy Orchestrator Anti-Virus information. The Pack
includes metrics that access information from McAfee e-Policy Orchestrator and present the results in
three different scorecards.
Contents
Welcome to ClearPoint Metrics Scorecard Pack for McAfee ePO
Introduction
The Scorecards
System Requirements
Installation
Uninstalling/Reinstalling the Scorecard Pack for McAfee ePO
Using the Scorecard Pack for McAfee ePO for the First Time
Configuring the Scorecard Pack for McAfee ePO
Running the Scorecard Pack for McAfee ePO and Viewing Results
Sample Scorecards
Technical Specifications
Resources and Support
Pull-Down Menus
Appendix A
Support
Copyright Notice
Introduction
The Scorecards
1. Virus Events – This scorecard examines the concentration of virus activity by severity across
platforms. It reveals which viruses are most commonly found within the organization and their
potential impact on the organization.
2. Virus Impact – This scorecard displays the impact of virus events over time. It examines the
impact of viruses on the environment and which hosts are most susceptible to virus outbreaks.
3. Virus Remediation – This scorecard demonstrates the effectiveness of the virus remediation
process. It displays the preferred methods for remediating viruses and the relative success of
those methods.
The Scorecard Pack for McAfee ePO is a sampling of the metrics and scorecards included in ClearPoint’s
Metric Application Package for Threat and Virus.
System Requirements
1.
2.
3.
4.
5.
6.
McAfee ePO
OS
Additional Software
Screen Resolution
RAM
Disk Space
Version 4.0 with VirusScan Enterprise 8.0/8.5
Windows XP or Windows Vista
Java SE 5.0 or above (download at www.java.com/getjava)
Higher than 600x800
512 MB required; 1 GB recommended
100 MB
Installation
1. Close all running applications.
2. Run the installation file that you just downloaded:
ScorecardPackForMcAfeeePO.exe.
3. A familiar Windows ‘Setup Wizard’ appears:
(Note: To ensure clear reproduction of the screen shots in this document,
you may find it helpful to ‘zoom’ your browser’s view to 150%.)
4. Click Next > or type N.
5. The License Agreement appears:
6. Click I Agree or type A.
7. Choose which components to install.
a. If you do not wish to have shortcut icons placed on the desktop, uncheck the Desktop
Shortcuts option.
b. Click Next >
8. The ‘Choose Install Location’ screen appears next:
9. Accept the default (C:\Program Files\ClearPoint Metrics\Scorecard Pack for McAfee ePO, or click
Browse (or type r) to choose another file location if you prefer.
10. Click Install or type I.
11. Installation begins:
12. When the installation is done, click Next > or type N.
13. The next screen announces that the installation has successfully completed:
14. If you chose this option in Step 7, icons for running the Scorecard Pack for McAfee ePO and
viewing this user guide file have been placed on your desktop. You may leave these boxes
checked to run/view now or uncheck them to view/run later.
15. Click Finish or type F.
Uninstalling/Reinstalling the Scorecard Pack for McAfee ePO
If you lose your network connection or if your computer aborts or shuts down for whatever reason while
configuring or running the Scorecard pack for McAfee ePO, you should cleanly reinstall the program
from the setup file you originally downloaded. (This will only take a few minutes.) If you determine for
whatever reason that you need to reinstall the Scorecard pack for McAfee ePO, you must first uninstall
it by using the standard Windows Control Panel function to ‘remove’ (uninstall) the program:
Using the Scorecard Pack for McAfee ePO for the First Time
1. The following desktop icons now appear on your desktop:
2. You may run the program by simply double-clicking on the Scorecard Pack for McAfee ePO icon,
or you can click Start > All Programs > ClearPoint Metrics > Scorecard Pack for McAfee ePO to
run the program or open the user guide file (you are viewing it now):
3. The program opens and loads required components; no action is required:
4. The main application screen then appears.
5. While you can click on any of these buttons, you must configure the scorecard pack before you
can Run Metrics and View Scorecard Results using your actual McAfee ePO data; a warning
screen will be displayed:
Configuring the Scorecard Pack for McAfee ePO
The next 2 screens will ask you to input information specific to the SQL Server database you employ with
your McAfee ePO account.
1. Connection Information (1):
2. Connection Information (2):
a. If you wish to verify the connection, you may click on Test Connection. If you entered valid
information you will see a screen indicating a successful connection.
b. But if you see the following screen, you will need to properly re-enter the required
information. Click OK to return to the Configuration screen.
c. You must enter valid information from your McAfee ePO account.
d. Click Next > or type N.
e. Click Finish > or type F.
Running the Scorecard Pack for McAfee ePO and Viewing Results
When have finished configuring the Scorecard Pack for McAfee ePO, each time you subsequently run
the program, you arrive at the main operational screen with four buttons and four pull-down menus.
1. Configure Scorecard Pack
Clicking here will bring you back to the McAfee ePO Connection Information screens where you
may change configuration parameters, including SQL database host URL, user ID, password, and
driver information.
2. See Samples
This will load the section on Sample Scorecards from this document for an explanation of the
available sample scorecards.
3. Run Scorecard Pack
This will access your McAfee ePO database to download data and create real scorecards from it.
a. When you select Run Scorecard Pack, the following screen appears; click OK.
b. This can take anywhere from 2 minutes to 2 hours depending on download size and the
speed of your internet connection. Use the table below as a guide:
Size of File
100MB
200MB
300MB
Bandwidth
1.54 MB
1.54 MB
1.54 MB
Time (hh:mm:ss)
00:10:21
00:20:43
00:31:05
c. A progress screen will appear while data is being extracted from your McAfee ePO database,
metrics are being calculated, and scorecards are being created:
d. When the process completes, the following screen appears; click OK.
4. View Scorecard Results:
View your metrics data in the form of graphical scorecards. This is only a small subset of what is
available in ClearPoint’s Metric Application Package for Threat and Virus.
a. If you have not actually Run Scorecard Pack as shown above, the following screen appears. If
you click OK at this point, you will only view empty scorecards (i.e., a shell with no data).
b. Otherwise, you are directed to a set of Web pages displaying your scorecards based on your
data. (You can share your scorecards with other computer users as well by simply directing
them to the same set of Web pages.)
c. This is the Welcome screen for viewing the scorecards you have generated or the samples
ClearPoint Metrics has provided. Navigate through the tree in the left pane as follows.
d. Clicking on Scorecard Pack for McAfee ePO will yield the following screen summarizing what
a scorecard pack is and what it can do for you.
e. Clicking on Sample Scorecard Pack for McAfee ePO will yield the following screen
introducing the concept behind ClearPoint Metrics Scorecard Packs and introducing our
fictitious sample company, Cambridge Transportation Company (CTC), a manufacturer of a
varied line of human-powered vehicles.
Sample Scorecards
The following descriptions apply to both the sample screens and your actual scorecards, though of
course the actual results in your scorecards will be based on your organization’s unique data.
1. Virus Events – This scorecard examines the concentration of virus activity by severity across
platforms. It reveals which viruses are most commonly found within the organization and their
potential impact on the organization. By examining the distribution of current virus activity, the
organization can gain a better sense of what is infiltrating the perimeter and take appropriate
steps to quarantine and prevent future virus attacks. The McAfee ePO Virus Events Scorecard
uses the following metrics:
a. Trend in number of virus events
b. Distribution of virus events by severity
c. Distribution of virus events by platform
d. Most prevalent viruses
2. Virus Impact – This scorecard displays the impact of virus events over time. It examines the
impact of viruses on the environment and which hosts are most susceptible to virus outbreaks.
This scorecard can be used to examine the exposure of hosts and which specific viruses the
organization should watch for more closely. The McAfee ePO Virus Impact Scorecard uses the
following metrics:
a. Mean virus impact Rating
b. Top ten viruses by impact rating
c. Ten most vulnerable hosts
3. Virus Remediation – This scorecard demonstrates the effectiveness of the virus remediation
process. It displays the preferred methods for remediating viruses and the relative success of
those methods. If the antivirus measures are shown to be not very effective, the scorecard can
at least indicate where the weaknesses lie. The McAfee ePO Virus Remediation Scorecard uses
the following metrics:
a. Distribution of virus events by action taken
b. Number of virus events per action taken
c. Distribution of virus events by remediation status
d. Number of virus events by remediation status
Technical Specifications
Clicking on Technical Specifications will load the following screen which provides version and release
numbers, system requirements, and a listing of the contents of the supplied scorecards.
Resources and Support
Clicking on Resources and Support leads you to the following screen where you can again access this
user guide file or be directed to relevant pages on the ClearPoint Metrics website. (See also Appendix A.)
Pull-Down Menus
There are also four pull-down menus provided at the top of the main operational screen –
File, Configure, Run, and Help:
These pull-down menus provide alternate ways of performing the actions triggered by clicking on the
four buttons plus a few additional options as described below.
1. File has only one option: Exit which simply ends the program.
2. Configure has 2 options:
a. Configure which will bring you back to the McAfee ePO Connection Information screens
where you may change configuration parameters (as detailed above).
b. Configure System which displays the following screen, where you may enter the IP address
for the Web server which will display generated scorecards or simply accept the default
address.
3. Run has 3 options:
a. Run Scorecard Pack and View Scorecard Results perform the same actions as clicking on the
corresponding buttons in the main window.
b. A 3rd selection, Metric and scorecard Status, produces a log of metrics and scorecards
showing the number of metrics and scorecards that have been run and whether the result
was successful. If a failure is indicated, clicking on it will produce an explanation of what
occurred. A sample of the Metric and scorecard Status screen is displayed below:
4. Help has 4 options:
a. See Samples will display the Sample Scorecards discussed previously.
b. Help will load this document – the document you are now viewing.
c. Contact US will connect you to a page on our Website containing ClearPoint Metrics general
contact information:
8 New England Executive Park
3rd floor Suite 390
Burlington MA 01803
617-456-1900
info@clearpointmetrics.com
d. About Scorecard Pack for McAfee e-Policy Orchestrator, shown below.
i.
Clicking on Plug-In Details produces a detailed list of all the software plug-ins used in
building ClearPoint Metrics Scorecard Pack for McAfee ePO. An excerpt is reproduced
below:
ii.
Clicking on Configuration Details produces a comprehensive list of the platform
characteristics on which ClearPoint Metrics Scorecard Pack for McAfee ePO is running.
An excerpt is reproduced below:
Appendix A
Support
We currently offer online support for Scorecard Pack users. Online support consists of emailing in
questions or opening support tickets online via the ClearPoint Metrics Customer Support Portal.
During the download process a support portal account was created. Within 24 hours of your
download, one of our metric advisors will email to you your ClearPoint Metrics Customer
Support Portal credentials and additional support portal information.
2. Then, to access the ClearPoint Metrics Customer Support Portal using your credentials,
click on this link: http://www.clearpointmetrics.com/ContactUs/Default.aspx.
3. If you need assistance prior to receiving your support portal information you are encouraged to
email support@clearpointmetrics.com.
1.
Copyright Notice
Unless otherwise noted, the entire contents of this publication are copyrighted by ClearPoint
Metrics and may not be reproduced, distributed, archived, or transmitted in any form or by any
means without prior written consent by ClearPoint Metrics.