Fireeye Endpoint Security Policy Api Tool
FIREEYE ENDPOINT SECURITY POLICY API TOOLAuthored by Erin Hughes (erin.hughes@fireeye.com)FireEye’s Endpoint Security Policy API provides a rich API to allow users to explore functions within theAPI. The Policy API Tool allows users to add remove and list policy exceptions quickly as well as listcreate policies for the tool.OverviewTo get started with the API you will need to create an API user or API Admin to access the API. The APIcan not be accessed by normal system users.API calls can be made with curl and at the beginning of every command section there is an example ofwhat the commands accomplish.SETUP YOUR API ACCOUNTAn API Analyst or API Admin is needed to utilize the API accounts. To provision an API account on thehost controller on the dashboard go to Admin Appliance Settings Add New User Set theUsername Select the Role “API Admin” or “API Analyst” set the password (should be at least 25characters with letters upper and lower case, numbers, and special characters).FireEye, Inc. 601 McCarthy Blvd. Milpitas, CA 95035 408.321.6300 877.FIREEYE (347.3393) info@fireeye.com www.fireeye.com 2018 FireEye, Inc. All rights reserved. FireEye is a registered trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or servicemarks of their respective owners. WRD.EN-US.022018
POLICY TOOL COMMANDSRunning the hx-policy-tool.py with the -h commands lists all of the options.
LIST POLICIESList policies allows you to show what policies are available.
To use list;python hx-policy-tool.py -c host -p port -u api user -s PASSWORD listCLONE A POLICYClone allows you to make a copy of an existing policy.To use clone;python hx-policy-tool.py -c host -p port -u api user -s PASSWORD clone -i policy id -n New Policy Name EXPORT POLICIES
Export takes the integer value of the Policy ID as an argument and then exports it in JSON format to anoutput fileTo use export;python hx-policy-tool.py -c host -p port -u api user -s PASSWORD export -i policy ID -o file name IMPORT A POLICIYImport takes a file and allows you to import a JSON file with a complete policy in it.To use import;python hx-policy-tool.py -c host -p port -u api user -s PASSWORD import -i File Name EXTERNAL IMPORT
External Import is very useful if you want to update the exclusions for Real Time Indicators or MalwareGuard. To overwrite existing rules with the new policy, -o flag, otherwise the new policies will append tothe current one.python hx-policy-tool.py -c host -p port -u api user -s PASSWORD external-import -i file name -t type: md5, process, filepath -d Destination ID -s source: malware-protection,realtime The import file format is below"C:\\\\Program Files\\\\Trend Micro\\\\*","C:\\\\Program Files\\\\avs\\\\bin\\\\*","\"C:\\Program Files\\receptor\\*\"""C:\\\\Program Files\\\\ESET\\\\*","C:\\\\Program Files\\\\aws\\\\bin\\\\*","C:\\Program Files\\bitdefender\\*\"";
REAL TIME EXCLUSIONSRT-Exclusions are for copying Real Time Indicators of Compromise exclusions from one policy to anotherpolicy. To overwrite existing rules with the new policy, -o flag, otherwise the new policies will append tothe current one.python hx-policy-tool.py -c host -p port -u api user -s PASSWORD rt-exclusions -s Source Policy -d Destination Policy MALWARE EXCLUSIONSMalware-Exclusions are for copying Malware Exclusions from one policy to another policy. When copyingMalware-Exclusions to overwrite existing rules with the new policy, -o flag, otherwise the new policies willappend to the current one.python hx-policy-tool.py -c host -p port -u api user -s PASSWORD ml-exclusions -s Source Policy -d Destination Policy
FireEye's Endpoint Security Policy API provides a rich API to allow users to explore functions within the API. The Policy API Tool allows users to add remove and list policy exceptions quickly as well as list create policies for the tool. Overview To get started with the API you will need to create an API user or API Admin to access the API.
Figure 5: FireEye NX 4420 Figure 6: FireEye NX 7400 Figure 7: FireEye NX 7420 . FIPS 140-2 Security Policy v0.2 8 Figure 8: FireEye NX 7500 Figure 9: FireEye NX 9450 Figure 10: FireEye NX 10000 . FIPS 140-2 Security Policy v0.2 9 Figure 11: FireEye NX 10450 .
FireEye Email Security—Server Edition Administration and Diagnostics x x x x x FireEye Endpoint Security Administration and Diagnostics x x x x x FireEye Helix x x x x x Fundamentals of Network Traffic Analysis using FireEye Network Forensics x x x x x Helix Threat Analytics x x x x x Investigations with FireEye Endpoint Security x x x x x
GigaVUE-HC2 and FireEye NX 2400, a inline tool group solution through the FireEye GUI and Gigamon-OS H-VUE. The procedures are organized as follows: FireEye NX 2400 Configuration: Inline Tools Gigamon GigaVUE-HC2 Configuration: Inline Network and Inline Tool Groups. The FireEye GUI procedures focus on FireEye inline block operational mode.File Size: 1MBPage Count: 30
ESET Endpoint Protection Standard v6.5.522.0 FireEye Endpoint Security v4 Fortinet FortiClient v5.6.2 G DATA EndPoint Protection Business v14.1.0.67 Kaspersky Lab Kaspersky Endpoint Security v10 Malwarebytes Endpoint Protection v1.1.1.0 McAfee Endpoint Security v10.5 Palo Alto Networks Traps v4.1 Panda Security Panda Adaptive Defense 360 v2.4.1
Configuring FireEye NX 2400 for Inline Block Operation Mode The FireEye GUI procedures focus on FireEye inline block operational mode. The configuration procedures in the later section will configure the GigaVUE -HC2 to send live traffic to the FireEye inline tool group, which will allow the use of FireEye's on-system deployment testing tools.
The FireEye CM series is a group of management platforms that consolidates the administration, reporting, and data sharing of the FireEye NX, EX, and FX series in one easy-to-deploy, network-based platform. Within the FireEye deployment, the FireEye CM enables real-time sharing of the auto-
The FireEye CM Series: CM-4400, CM-7400, CM-9400 (the module) is a multi-chip standalone . administration, reporting, and data sharing of the FireEye NX, EX, FX and AX series in one easy-to-deploy, network-based platform. Within the FireEye deployment, the FireEye CM enables
ANATOMI LUTUT Lutut adalah salah satu sendi terbesar dan paling kompleks dalam tubuh. Sendi ini juga yang paling rentan karena menanggung beban berat dan beban tekanan sekaligus memberikan gerakan yang fleksibel. Ketika berjalan, lutut menopang 1,5 kali berat badan kita, naik tangga sekitar 3–4 kali berat badan kita dan jongkok sekitar 8 kali. Lutut bergabung dengan tulang femur di atasnya .
