background image

Safety reports provide details

Users can supplement the color-coded safety information for a site by viewing its detailed safety
report. These reports describe specific threats discovered by testing and include feedback
submitted by site owners and users.

Safety reports for sites are delivered from the McAfee SiteAdvisor and provide the following
information:

Explanation

Item

The overall rating for the website. We determine this rating
by looking at a wide variety of information. First, we

Summary

evaluate a website's email and download practices using
our proprietary data collection and analysis techniques.
Next, we examine the website itself to see if it engages
in annoying practices such as excessive pop-ups or
requests to change your home page. Then we perform an
analysis of its online affiliations to see if the site associates
with other sites flagged as red. Finally, we combine our
own review of suspicious sites with feedback from our
volunteer reviewers and alert you to sites that are deemed
suspicious.

The year the domain name was registered. More recently
registered websites have had less time to prove their safety
and trustworthiness.

Established

The country where a domain is registered. Keep in mind
that it's sometimes more difficult to get good customer

Country

service or resolve disputes with websites registered outside
of your country of residence.

The level of how popular the website is. Don't assume,
however, that popularity always goes hand in hand with

Popularity

safety. For example, some very popular prize sites send
lots of spam, and some very popular file-sharing programs
bundle adware. Likewise, many personal websites, blogs
and small business sites that do not get a lot of traffic can
be safe to browse and use. That's why the analysis behind
SiteAdvisor's overall verdict is so useful.

Overall rating for a website's email practices. We rate sites
based on both how much email we receive after entering

Email Results

an address on the site as well as how spammy the email
we receive looks. If either of these measures is higher
than what we consider acceptable, we'll give the site a
yellow warning. If both measures are high, or one of them
looks particularly egregious, we'll give the site a red
warning.

Each email link opens a detailed email analysis page.

Overall rating about the impact a site's downloadable
software had on our testing computer. Red flags are given

Downloads

to sites that have virus-infected downloads or that add
unrelated software which many people would consider
adware or spyware. The rating also takes note of the
network servers a program contacts during its operation,
as well as any modifications to browser settings or a
computer's registry files.

Each download link opens a detailed download analysis
page.

Introducing SiteAdvisor Enterprise Plus
Safety reports provide details

9

McAfee SiteAdvisor Enterprise Plus 3.0 Product Guide

Summary of Contents for MSA09EMB1RAA - Site Advisor Plus 2009

Page 1: ...McAfee SiteAdvisor Enterprise Plus 3 0 Product Guide...

Page 2: ...ed trademarks herein are the sole property of their respective owners LICENSE INFORMATION License Agreement NOTICE TO ALL USERS CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICE...

Page 3: ...olicy options and features 14 Information that SiteAdvisor Enterprise Plus sends 15 Configuring Policies 16 How policies work 16 Types of policy categories 17 Default policy settings 17 Creating and e...

Page 4: ...reate reports 43 Creating reports 44 Running a purge task 45 Use dashboards and monitors 45 Creating monitors 46 Reference 47 Frequently Asked Questions 47 Where to find more information 50 Web Filter...

Page 5: ...threats they might encounter when searching or browsing websites by displaying the following Safety rating for each site When searching safety ratings of green yellow red and gray icons appear next t...

Page 6: ...team assimilates test results into a safety report that can also include Feedback submitted by site owners which might include descriptions of safety precautions used by the site or responses to user...

Page 7: ...ton The site is safe Green checkmark There might be some issues with the site Yellow exclamation point There might be some serious issues with the site Red x No rating is available for the site Gray q...

Page 8: ...res on managed systems Task 1 Click the down arrow on the SiteAdvisor menu button to view the SiteAdvisor menu and do any of the following To do this Select this command Display the safety report for...

Page 9: ...of your country of residence The level of how popular the website is Don t assume however that popularity always goes hand in hand with Popularity safety For example some very popular prize sites send...

Page 10: ...hat can leave a computer essentially unusable Reviewers and site owners can provide additional information and commentary to supplement SiteAdvisor s automated test results Reviewer and Site Owner Com...

Page 11: ...or a particular group or all groups Instead of updating the entire list with the new entries you can create a second policy instance for the new entries and apply it and the default list together The...

Page 12: ...e Plus Create a list of blocked sites that users cannot access Prohibit List A multiple instance policy Rating Actions Assign actions warn block or allow to sites or site resources such as file downlo...

Page 13: ...t policy but tracks browsing behavior data that you can retrieve in reports See Evaluate policy settings with Observe mode under Configuring Policies 2 Evaluate browsing traffic and usage patterns Rep...

Page 14: ...t your goals Use this feature If this is your security or productivity goal Rating Actions policy Use SiteAdvisor ratings to control access to sites download files or phishing pages Prohibit List poli...

Page 15: ...n or block taken by SiteAdvisor Enterprise Plus Observe mode status on or off SiteAdvisor Enterprise Plus sends the following information to the SiteAdvisor website s servers Version of the SiteAdviso...

Page 16: ...lt policy is installed in the repository You cannot change this default policy but you can create a duplicate of this policy with a different name and configure it to meet your needs TIP Before deploy...

Page 17: ...assigned this policy and whether it can be disabled on individual systems General Settings required for managed systems to access the Internet through a proxy server to turn on Observe mode to tune e...

Page 18: ...rve mode Enable Not selected Options configured for blocking or warning are enforced Control Panel Option Enable Not selected to have SiteAdvisor Enterprise Plus appear in the client system Add or Rem...

Page 19: ...new policy or select Edit to change settings for an existing policy 5 Click Save Run an agent wake up call to apply the setting immediately or wait for the next automatic agent server communication A...

Page 20: ...browsing patterns are adversely affected by any current settings adjust them before disabling observe mode Policy settings are enforced when observe mode is disabled Control panel option You can allow...

Page 21: ...For the policy you want to edit click Edit 4 Click the Action Enforcement tab 5 Select Enable 6 Click Save Setting the control panel option Use this task to allow SiteAdvisor Enterprise Plus to appea...

Page 22: ...low access This enables a greater level of granularity in protecting users from pages that employ phishing techniques on a site with an overall green rating To block file downloads and phishing pages...

Page 23: ...ed in downgrading reactions for red and yellow sites NOTE Use the Enforcement Messaging policy options to customize the message that is displayed to users for blocked and warned sites Task For option...

Page 24: ...he message that displays to users for blocked phishing pages Task For option definitions click in the interface 1 Do one of the following ePolicy Orchestrator 4 0 Go to Systems Policy Catalog ePolicy...

Page 25: ...to specify a range of sites affected by enforcement rules This enables you to apply enforcement rules to particular domains or to a range of similar sites without entering each URL separately When a m...

Page 26: ...http acme com 9090 downloads must have a domain that ends with acme com 9090 and a path that begins with downloads https news acme com 9090 downloads Does not match http www myacme com 9090 downloads...

Page 27: ...ns click in the interface 1 Do one of the following ePolicy Orchestrator 4 0 Go to Systems Policy Catalog ePolicy Orchestrator 4 5 Click Menu Policy Policy Catalog 2 From the Product list select SiteA...

Page 28: ...enu Policy Policy Catalog 2 From the Product list select SiteAdvisor Enterprise Plus 3 0 0 from the Category list select Authorize List 3 For the policy you want to edit click Edit 4 On the Manage Aut...

Page 29: ...criteria and again display the contents of the list click Clear Testing an Authorize list Use this task to test whether specific sites or site patterns are included in an Authorize list When Authoriz...

Page 30: ...te with an overall rating of green can contain individual download files rated yellow or red To protect users specify an action that is specific to the rating for an individual file Use this task to b...

Page 31: ...ested Phishing page blocking and download rating actions are also disabled only when this option is disabled McAfee recommends using this procedure to prevent private information about intranet sites...

Page 32: ...t select Authorize List 3 For the policy you want to edit click Edit 4 On the Advanced Options tab select Track events and request information from the SiteAdvisor server 5 Select Give this Authorize...

Page 33: ...Manage Prohibited Sites tab click Add Multiple 5 Type a URL or partial URL called a site pattern then type a space or tab followed by a comment URLs or site patterns must be at least six characters in...

Page 34: ...useful for finding sites in large lists Task For option definitions click in the interface 1 Do one of the following ePolicy Orchestrator 4 0 Go to Systems Policy Catalog ePolicy Orchestrator 4 5 Clic...

Page 35: ...site rated red yellow or green Safety balloons Warn or block pages Short message to display when users attempt to download files or access blocked phishing pages Safety balloons Warn or block pages S...

Page 36: ...ou have configured as Block Block message A site you have configured as Allow Allow message 7 Click Save Creating a message for phishing pages Use this task to customize the message that is displayed...

Page 37: ...g You can explain why users should be cautious Warn message Blocked download files You can explain why the file is blocked Block message 7 Click Save Creating a message for sites on Authorize or Prohi...

Page 38: ...s to have SiteAdvisor Enterprise Plus enabled Allow users to disable and then re enable the software from the SiteAdvisor Enterprise Plus menu in the browser or to do so only with a password The defau...

Page 39: ...rom the Product list select SiteAdvisor Enterprise Plus 3 0 0 from the Category list select Enable Disable 3 For the policy you want to edit click Edit 4 For SiteAdvisor menu option selectEnable 5 Sel...

Page 40: ...rporate network Tracking visits to private domains can greatly increase the size of log files and the ePO server database where this information is stored NOTE If you installed the Web Filtering for E...

Page 41: ...o Systems Policy Catalog ePolicy Orchestrator 4 5 Click Menu Policy Policy Catalog 2 From the Product list select SiteAdvisor Enterprise Plus 3 0 0 from the Category list select Event Tracking 3 For t...

Page 42: ...e of the following ePolicy Orchestrator 4 0 Go to Systems Policy Catalog ePolicy Orchestrator 4 5 Click Menu Policy Policy Catalog 2 From the Product list select SiteAdvisor Enterprise Plus 3 0 0 from...

Page 43: ...ery or create a brand new query See Querying the Database in the ePolicy Orchestrator Product Guide for more information Access queries by going to the Queries pane under Reporting All predefined Site...

Page 44: ...then proceeded with their visit Top 100 Warned Continued Sites List of 100 yellow files that users downloaded most frequently over the last 30 days Top 100 Yellow Downloads List of 100 yellow sites v...

Page 45: ...stems For details about these features see the ePolicy Orchestrator documentation Dashboards consist of monitors and monitors are based on queries To monitor browser activity on your network use one o...

Page 46: ...ng Dashboards 2 Select Options then New Dashboard 3 In the Name field type a descriptive name 4 From the Size list select a dashboard layout 5 For each dashboard panel click New Monitor 6 For the Cate...

Page 47: ...tent of a frame loads websites Disabling the SiteAdvisor Enterprise Plus client software by using the Add ons feature through the browser s Tools menu Can users circumvent SiteAdvisor Enterprise Plus...

Page 48: ...llect information when users navigate to intranet sites By default no However you can change this by adding your intranet domain to an Authorize list then deselecting the Track events option in the Au...

Page 49: ...isor Enterprise Plus has been modified for management by an administrator with ePolicy Orchestrator In addition the automatic update feature has been removed to ensure that administrators control the...

Page 50: ...ation 2 Click ePolicy Orchestrator then ePolicy Orchestrator 4 0 or ePolicy Orchestrator 4 5 SiteAdvisor Enterprise Plus website For the latest information about SiteAdvisor Enterprise Plus and releva...

Page 51: ...security ratings and the settings in the Content Actions policy to block warn or allow the site based on content type are applied on client systems The approximately 100 site content categories are g...

Page 52: ...database After the log file data is transferred to the database reports are generated Log files are generated by running a SiteAdvisor Enterprise Plus client task from the ePO server on all managed s...

Page 53: ...cause of the amount of data that can be transferred when the logs are sent setting the client task to run on a randomized schedule is highly recommended Before you begin The client task to send Web Re...

Page 54: ...tegories 4 Select a content category and click Warn or Block to set the action for it The default is Allow 5 Click Save Working with the Web Reporter Refer to the Web Reporter Installation and Configu...

Page 55: ...eat factors 23 track allowed green sites 41 track domain page views 41 configuration SiteAdvisor Enterprise Plus continued track visits to domains 40 consumer version SiteAdvisor See SiteAdvisor Enter...

Page 56: ...visor Enterprise Plus 20 47 purge task SiteAdivsor Enterprise Plus running 45 Q queries SiteAdvisor Enterprise Plus creating reports 43 creating reports for web filtering 52 information sent for 15 R...

Page 57: ...ditional policy options 51 explanation 51 website access adding a logo to messages for sites 38 authorized sites blocking exploits 30 controlling by safety ratings 22 creating messages for sites 37 fi...

Page 58: ...McAfee SiteAdvisor Enterprise Plus 3 0 Product Guide 58 Index...

Reviews: