|
Otros manuales para este modelo:
Resumen del manual
Q: What is the difference between a whitelist and a blacklist approach?
A: The HP Sygate Security Agent uses a “whitelist” approach. In a whitelist environment, only network
traffic for known, listed programs is allowed. A blacklist environment allows all traffic except what is
known to be harmful. HP knows every program it installs on its thin clients; therefore, you only update
additions you make to HP thin clients.
The following table compares the advantages of the whitelist and blacklist policies:
Policy
Advantages
Disadvantages
Blacklist Firewall
• Building and managing a firewall policy can be • It is more prone to allow undesired
Policy
a time-consuming and frustrating process for both
behavior and security policy
the administrators and the users. A firewall with a
violations, such as reverse-tunnels,
default blacklist can be installed without first
trojans, worms, and similar
defining a security policy for access through the
attacks.
firewal .
• It is difficult to switch from a
• With a default blacklist policy, it is possible to
default blacklist to a whitelist
quickly install a firewall without a significant
model.
amount of up-front security competency required
by the installers.
Whitelist Firewall
• Greater security because only known services
• Managing a whitelist firewall
Policy
and network activities are allowed by default. This
policy is more time consuming in a
minimizes the effectiveness of trojans, viruses, and
network with actively changing
worms that use unknown, unlisted programs.
needs and demands.
• It is easy to switch a default whitelist firewall to a • It can be a frustrating to users
blacklist firewall.
because they have to request
• Installing a whitelist firewall takes more up-front
access to services, rather than
time, because you must determine the list of what
having access by default.
to allow through the firewall before it is installed
and functional.
Q: What viruses, worms, or vulnerabilities will HP Sygate Security Agent block?
A: Both Microsoft Windows Firewall and HP Sygate Security Agent prevent worm attacks such as
Blaster and Sasser; however, only HP Sygate Security Agent has the ability to help stop propagation
to other systems due to the whitelist approach which allows only known, listed programs to access the
network.
Assessing your vulnerability to an attack is one of the most important steps that you can take to
ensure that your system is protected from possible intruders. The information from this assessment
can help you set the various options on your Agent to protect your system from attack. The Sygate
Online Services (SOS) scanner scans your computer and attempts to determine your IP address,
operating system, Web browser, and other information about your system. You can then choose one
of the following more focused scans:
• Quick Scan: Encompasses several scanning processes to perform a brief, general scan. It
usual y takes 20 seconds or less to accurately scan your devices ports, protocols, services,
and possible Trojans. It records the results in the Agent Security Log.
3
...Otros modelos de este manual:
Computadoras - HP Compaq t5710 Thin Client (79.51 kb)
Computadoras - HP Compaq t5720 Thin Client (79.51 kb)
Computadoras - HP Compaq t5725 Thin Client (79.51 kb)