ClearPoint Metrics Scorecard Pack for McAfee ePO
Transcription
ClearPoint Metrics Scorecard Pack for McAfee ePO
© 2008 ClearPoint Metrics (ePOv4.0) Welcome to ClearPoint Metrics Scorecard Pack for McAfee ePO Congratulations! You have successfully downloaded the installation package for ClearPoint Metrics Scorecard Pack for McAfee ePO™. With the Scorecard Pack for McAfee ePO, you can run, view, and share metrics and scorecards about your McAfee e-Policy Orchestrator Anti-Virus information. The Pack includes metrics that access information from McAfee e-Policy Orchestrator and present the results in three different scorecards. Contents Welcome to ClearPoint Metrics Scorecard Pack for McAfee ePO Introduction The Scorecards System Requirements Installation Uninstalling/Reinstalling the Scorecard Pack for McAfee ePO Using the Scorecard Pack for McAfee ePO for the First Time Configuring the Scorecard Pack for McAfee ePO Running the Scorecard Pack for McAfee ePO and Viewing Results Sample Scorecards Technical Specifications Resources and Support Pull-Down Menus Appendix A Support Copyright Notice Introduction The Scorecards 1. Virus Events – This scorecard examines the concentration of virus activity by severity across platforms. It reveals which viruses are most commonly found within the organization and their potential impact on the organization. 2. Virus Impact – This scorecard displays the impact of virus events over time. It examines the impact of viruses on the environment and which hosts are most susceptible to virus outbreaks. 3. Virus Remediation – This scorecard demonstrates the effectiveness of the virus remediation process. It displays the preferred methods for remediating viruses and the relative success of those methods. The Scorecard Pack for McAfee ePO is a sampling of the metrics and scorecards included in ClearPoint’s Metric Application Package for Threat and Virus. System Requirements 1. 2. 3. 4. 5. 6. McAfee ePO OS Additional Software Screen Resolution RAM Disk Space Version 4.0 with VirusScan Enterprise 8.0/8.5 Windows XP or Windows Vista Java SE 5.0 or above (download at www.java.com/getjava) Higher than 600x800 512 MB required; 1 GB recommended 100 MB Installation 1. Close all running applications. 2. Run the installation file that you just downloaded: ScorecardPackForMcAfeeePO.exe. 3. A familiar Windows ‘Setup Wizard’ appears: (Note: To ensure clear reproduction of the screen shots in this document, you may find it helpful to ‘zoom’ your browser’s view to 150%.) 4. Click Next > or type N. 5. The License Agreement appears: 6. Click I Agree or type A. 7. Choose which components to install. a. If you do not wish to have shortcut icons placed on the desktop, uncheck the Desktop Shortcuts option. b. Click Next > 8. The ‘Choose Install Location’ screen appears next: 9. Accept the default (C:\Program Files\ClearPoint Metrics\Scorecard Pack for McAfee ePO, or click Browse (or type r) to choose another file location if you prefer. 10. Click Install or type I. 11. Installation begins: 12. When the installation is done, click Next > or type N. 13. The next screen announces that the installation has successfully completed: 14. If you chose this option in Step 7, icons for running the Scorecard Pack for McAfee ePO and viewing this user guide file have been placed on your desktop. You may leave these boxes checked to run/view now or uncheck them to view/run later. 15. Click Finish or type F. Uninstalling/Reinstalling the Scorecard Pack for McAfee ePO If you lose your network connection or if your computer aborts or shuts down for whatever reason while configuring or running the Scorecard pack for McAfee ePO, you should cleanly reinstall the program from the setup file you originally downloaded. (This will only take a few minutes.) If you determine for whatever reason that you need to reinstall the Scorecard pack for McAfee ePO, you must first uninstall it by using the standard Windows Control Panel function to ‘remove’ (uninstall) the program: Using the Scorecard Pack for McAfee ePO for the First Time 1. The following desktop icons now appear on your desktop: 2. You may run the program by simply double-clicking on the Scorecard Pack for McAfee ePO icon, or you can click Start > All Programs > ClearPoint Metrics > Scorecard Pack for McAfee ePO to run the program or open the user guide file (you are viewing it now): 3. The program opens and loads required components; no action is required: 4. The main application screen then appears. 5. While you can click on any of these buttons, you must configure the scorecard pack before you can Run Metrics and View Scorecard Results using your actual McAfee ePO data; a warning screen will be displayed: Configuring the Scorecard Pack for McAfee ePO The next 2 screens will ask you to input information specific to the SQL Server database you employ with your McAfee ePO account. 1. Connection Information (1): 2. Connection Information (2): a. If you wish to verify the connection, you may click on Test Connection. If you entered valid information you will see a screen indicating a successful connection. b. But if you see the following screen, you will need to properly re-enter the required information. Click OK to return to the Configuration screen. c. You must enter valid information from your McAfee ePO account. d. Click Next > or type N. e. Click Finish > or type F. Running the Scorecard Pack for McAfee ePO and Viewing Results When have finished configuring the Scorecard Pack for McAfee ePO, each time you subsequently run the program, you arrive at the main operational screen with four buttons and four pull-down menus. 1. Configure Scorecard Pack Clicking here will bring you back to the McAfee ePO Connection Information screens where you may change configuration parameters, including SQL database host URL, user ID, password, and driver information. 2. See Samples This will load the section on Sample Scorecards from this document for an explanation of the available sample scorecards. 3. Run Scorecard Pack This will access your McAfee ePO database to download data and create real scorecards from it. a. When you select Run Scorecard Pack, the following screen appears; click OK. b. This can take anywhere from 2 minutes to 2 hours depending on download size and the speed of your internet connection. Use the table below as a guide: Size of File 100MB 200MB 300MB Bandwidth 1.54 MB 1.54 MB 1.54 MB Time (hh:mm:ss) 00:10:21 00:20:43 00:31:05 c. A progress screen will appear while data is being extracted from your McAfee ePO database, metrics are being calculated, and scorecards are being created: d. When the process completes, the following screen appears; click OK. 4. View Scorecard Results: View your metrics data in the form of graphical scorecards. This is only a small subset of what is available in ClearPoint’s Metric Application Package for Threat and Virus. a. If you have not actually Run Scorecard Pack as shown above, the following screen appears. If you click OK at this point, you will only view empty scorecards (i.e., a shell with no data). b. Otherwise, you are directed to a set of Web pages displaying your scorecards based on your data. (You can share your scorecards with other computer users as well by simply directing them to the same set of Web pages.) c. This is the Welcome screen for viewing the scorecards you have generated or the samples ClearPoint Metrics has provided. Navigate through the tree in the left pane as follows. d. Clicking on Scorecard Pack for McAfee ePO will yield the following screen summarizing what a scorecard pack is and what it can do for you. e. Clicking on Sample Scorecard Pack for McAfee ePO will yield the following screen introducing the concept behind ClearPoint Metrics Scorecard Packs and introducing our fictitious sample company, Cambridge Transportation Company (CTC), a manufacturer of a varied line of human-powered vehicles. Sample Scorecards The following descriptions apply to both the sample screens and your actual scorecards, though of course the actual results in your scorecards will be based on your organization’s unique data. 1. Virus Events – This scorecard examines the concentration of virus activity by severity across platforms. It reveals which viruses are most commonly found within the organization and their potential impact on the organization. By examining the distribution of current virus activity, the organization can gain a better sense of what is infiltrating the perimeter and take appropriate steps to quarantine and prevent future virus attacks. The McAfee ePO Virus Events Scorecard uses the following metrics: a. Trend in number of virus events b. Distribution of virus events by severity c. Distribution of virus events by platform d. Most prevalent viruses 2. Virus Impact – This scorecard displays the impact of virus events over time. It examines the impact of viruses on the environment and which hosts are most susceptible to virus outbreaks. This scorecard can be used to examine the exposure of hosts and which specific viruses the organization should watch for more closely. The McAfee ePO Virus Impact Scorecard uses the following metrics: a. Mean virus impact Rating b. Top ten viruses by impact rating c. Ten most vulnerable hosts 3. Virus Remediation – This scorecard demonstrates the effectiveness of the virus remediation process. It displays the preferred methods for remediating viruses and the relative success of those methods. If the antivirus measures are shown to be not very effective, the scorecard can at least indicate where the weaknesses lie. The McAfee ePO Virus Remediation Scorecard uses the following metrics: a. Distribution of virus events by action taken b. Number of virus events per action taken c. Distribution of virus events by remediation status d. Number of virus events by remediation status Technical Specifications Clicking on Technical Specifications will load the following screen which provides version and release numbers, system requirements, and a listing of the contents of the supplied scorecards. Resources and Support Clicking on Resources and Support leads you to the following screen where you can again access this user guide file or be directed to relevant pages on the ClearPoint Metrics website. (See also Appendix A.) Pull-Down Menus There are also four pull-down menus provided at the top of the main operational screen – File, Configure, Run, and Help: These pull-down menus provide alternate ways of performing the actions triggered by clicking on the four buttons plus a few additional options as described below. 1. File has only one option: Exit which simply ends the program. 2. Configure has 2 options: a. Configure which will bring you back to the McAfee ePO Connection Information screens where you may change configuration parameters (as detailed above). b. Configure System which displays the following screen, where you may enter the IP address for the Web server which will display generated scorecards or simply accept the default address. 3. Run has 3 options: a. Run Scorecard Pack and View Scorecard Results perform the same actions as clicking on the corresponding buttons in the main window. b. A 3rd selection, Metric and scorecard Status, produces a log of metrics and scorecards showing the number of metrics and scorecards that have been run and whether the result was successful. If a failure is indicated, clicking on it will produce an explanation of what occurred. A sample of the Metric and scorecard Status screen is displayed below: 4. Help has 4 options: a. See Samples will display the Sample Scorecards discussed previously. b. Help will load this document – the document you are now viewing. c. Contact US will connect you to a page on our Website containing ClearPoint Metrics general contact information: 8 New England Executive Park 3rd floor Suite 390 Burlington MA 01803 617-456-1900 info@clearpointmetrics.com d. About Scorecard Pack for McAfee e-Policy Orchestrator, shown below. i. Clicking on Plug-In Details produces a detailed list of all the software plug-ins used in building ClearPoint Metrics Scorecard Pack for McAfee ePO. An excerpt is reproduced below: ii. Clicking on Configuration Details produces a comprehensive list of the platform characteristics on which ClearPoint Metrics Scorecard Pack for McAfee ePO is running. An excerpt is reproduced below: Appendix A Support We currently offer online support for Scorecard Pack users. Online support consists of emailing in questions or opening support tickets online via the ClearPoint Metrics Customer Support Portal. During the download process a support portal account was created. Within 24 hours of your download, one of our metric advisors will email to you your ClearPoint Metrics Customer Support Portal credentials and additional support portal information. 2. Then, to access the ClearPoint Metrics Customer Support Portal using your credentials, click on this link: http://www.clearpointmetrics.com/ContactUs/Default.aspx. 3. If you need assistance prior to receiving your support portal information you are encouraged to email support@clearpointmetrics.com. 1. Copyright Notice Unless otherwise noted, the entire contents of this publication are copyrighted by ClearPoint Metrics and may not be reproduced, distributed, archived, or transmitted in any form or by any means without prior written consent by ClearPoint Metrics.