Global Threat Intelligence File Reputation - best practices for minimizing network traffic
Technical Articles ID:
KB74581
Last Modified: 1/19/2021
Last Modified: 1/19/2021
Global Threat Intelligence File Reputation - best practices for minimizing network traffic
Technical Articles ID:
KB74581
Last Modified: 1/19/2021 EnvironmentMcAfee Global Threat Intelligence (GTI) File Reputation
Multiple McAfee products SummaryCarefully consider the factors listed in this article when configuring your GTI File Reputation enabled endpoint to minimize network traffic.
Any process that performs extensive file reads, file writes, or both, can potentially generate increased levels of GTI File Reputation lookups. The following are applications/situations that can potentially increase the number of GTI File Reputation lookups and increase network traffic generated as a consequence:
The following solutions help minimize the impact of these factors.
Solution 1Inventory agents and backup agents
Solution 2Software rollouts and software developed in-house
Use out-of-hours deployment for software rollouts and software developed in-house that generate a higher number of GTI File Reputation lookups. This approach helps reduce the impact of the increases on lookups. Solution 3Users with administrator permissions
When users have administrator permissions to install non-corporate approved software, this situation often generates more network traffic. The reason is the additional GTI Reputation lookup requests that these processes generate.Remove administrative permissions from user accounts with the rights to install any non-approved applications. This approach avoids this increase in network traffic. NOTE: Users with administrative permissions introduce a high level of risk to any corporate environment. Where possible, assign users to accounts with restricted administrative permissions. Related InformationAffected ProductsLanguages: |
|