How access protection rules are defined

Rules are separated into these types and provide these levels of protection.

Rule type descriptions

Rule type Description
Anti-virus

These preconfigured rules protect your computer from common behaviors of malware threats. You can enable, disable, and change the configuration, but you cannot delete these rules.

Two rule examples are:


  • Prevent disabling or changing of critical processes, remote creation or modification of executable files, hijacking of executable files, Windows Process spoofing, and mass mailing worms from sending mail.
  • Protect phone book files from password and email stealers.

These protection levels apply to anti-virus rules:


  • Standard Protection
  • Maximum Protection
  • Outbreak Control
Common

These preconfigured rules prevent modification of commonly used files and settings. You can enable, disable, and change the configuration, but you cannot delete these rules.

Three rule examples are:


  • Prevent modification of McAfee files and settings.
  • Protect Mozilla and Firefox files and settings, Internet Explorer settings, and network settings.
  • Prevent installation of Browser Helper Objects and automatically running programs from the Temp folder.

These protection levels apply to common rules.


  • Standard Protection
  • Maximum Protection
Virtual Machine Protection

These preconfigured rules prevent termination of VMWare processes and modification of VMWare files. You can enable, disable, and change the configuration, but you cannot delete these rules.

Rule examples are:
  • Prevent termination of VMWAre Processes.
  • Prevent modification of VMWare workstation, server, or virtual machine files.
User-defined

These custom rules supplement the protection provided by the Anti-virus and Common rules.
Anti-spyware

If you installed the AntiSpyware Enterprise Module, you have additional rules to protect you from spyware-related threats.

Rule examples are:
  • Prevent Internet Explorer favorites and settings.

  • Prevent programs from running and execution of scripts from the Temp folder.

Protection level descriptions

Protection Level Description
Standard

Anti-virus and common rules that protect some critical settings and files from being modified, but generally allow you to install and execute legitimate software.
Maximum

Anti-virus and common rules that protect most critical settings and files from being modified. This level provides more protection than Standard, but might prevent you from installing legitimate software. If you cannot install software, we recommend that you disable the Access Protection feature first, then enable it again after installation.
Outbreak control

Anti-virus rules that block destructive code from accessing the computer until a DAT file is released. These rules are preconfigured to block access to shares during an outbreak.