1. Manuals
  2. Brands
  3. McAfee Manuals
  4. Software
  5. PASCDE-AB-IA - Policy Auditor For Servers
  6. Product manual

File Integrity Monitoring And Entitlement Reporting; How File Integrity Monitoring Works - McAfee PASCDE-AB-IA - Policy Auditor For Servers Product Manual

Product guide
Hide thumbs
Table of Contents

Advertisement

File Integrity Monitoring and entitlement reporting

File integrity monitoring notifies you of changes to specified text files on managed systems.
Entitlement reporting informs you of changes to user and group rights to files.
These features are useful for complying with government and industry standards, such as the
Payment Card Industry (PCI) Data Security Standard.
Contents

How file integrity monitoring works

Entitlement reporting
Create and apply a file integrity monitoring policy
Query reports for file integrity monitoring
How file integrity monitoring works
The file integrity monitoring feature uses the McAfee Policy Auditor agent plug-in to track file
changes to specified text files.
The software monitors files on managed systems only. You must install the McAfee Agent and
the agent plug-in on systems that you monitor.
When a file is scanned, the agent plug-in returns an event to the McAfee Policy Auditor server.
The event is encrypted and compressed to save disk space and bandwidth.
To learn more about supported systems, see:
Managed Systems in the Using the McAfee Policy Auditor agent plug-in section.
Platforms supported by the McAfee Policy Auditor agent plug-in in the Using the McAfee Policy
Auditor agent plug-in section.
When you create a policy to monitor files, the software checks the file for changes every hour
by default. You can change the monitoring frequency to fit your organizational needs.
File integrity monitoring allows you to:
Define which files should be tracked.You can use wildcard characters in file and path names.
Define which files should not be tracked.
Specify the frequency for detecting file changes.
See and receive notification about changes to the file or file attributes.
McAfee Policy Auditor also provides the ability to retain up to six file versions, including the
baseline version, and provides the ability to:
Compare a file with it's baseline version, or any prior version.
Compare a file with a file on another system.
McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6
59

Advertisement

Table of Contents
loading

Related Manuals for McAfee PASCDE-AB-IA - Policy Auditor For Servers

Related Content for McAfee PASCDE-AB-IA - Policy Auditor For Servers

This manual is also suitable for:

Policy auditor 6.0

Table of Contents