Recent changes: Oct 18, 2020
Device priority: Primary device
Operating system
Sign-in account: Sign in with local account
Log-in security: Account password
Account permissions: Standard account
Security updates: Automatically allow security and feature updates
Windows UAC: Always notify
Malware samples: No - Malware samples are not purposely downloaded
Real-time Malware protection: McAfee Endpoint Security
Firewall protection: Custom - Provided by a third-party security vendor
RTP configuration: See above
Periodic scanners: No periodic scanners needed, due to system hardening via policies
VPN and Privacy: McAfee VPN powered by Tunnel Bear
Browser(s) and Add-ons: McAfee Web Filter
Maintenance tools: Windows built-in
Photos and Files backup: Acronis True Image 2021
File backup schedule: Changes are automatically sync'd to my cloud storage provider
Backup and rollback: Not used
Backup schedule: None
Activity usage:
  1. Financial and sensitive documents
  2. Working from home

Computer hardware
CPU: Genuine Intel Core i7-1065G7 @ 3.9 GHz
GPU: Intel Iris Plus Graphics
RAM: 8 GB DDR4
512 GB PCIe NVMe Storage

McMcbrad

Level 10
Now this is the configuration for my primary device, which I use ONLY for work (software development, office apps, IT administration, etc.)

This device is protected by McAfee Endpoint Security.

For those of you who haven’t used McAfee Endpoint, it is a solution that comes with 4 modules:
  • Standard Antivirus, which unlike the home version of McAfee is jam-packed with settings and the cloud has 5 aggressiveness settings. This module also includes Exploit Prevention, which uses a large set of rules to block online and offline intrusions, e.g. block WMI calls from Microsoft Office.
  • Firewall, which operates without creating rules. It also blocks connections based on IP reputation and can be configured in a sort of “default-deny” way, where all unverified addresses and sites are blocked.
  • Web Filter, which is basically corporate SiteAdvisor, which also has levels of aggression and can be configured to block all unverified sites.
  • And most important - Advanced Threat Protection - this is Real Protect Cloud, Real Protect Local and Dynamic Application Containment. Real Protect Local is a sort of “data miner” scanning pre-execution; Real Protect Cloud is the true behavioural blocker. Dynamic Application Containment is not too different from the Comodo Sandbox. It’s got a set of rules which are applied to every isolated program and can be configured.

Because it’s a complicated solution to deploy and manage, I will not be including changes made to the RTP config below, as there are a lot of them. Anyone wishing to obtain information on how I’ve configured it can cont
 

DDE_Server

Level 21
Verified
Great configuration, thanks for sharing.
Does it have solid core and DLP, such as the ePO version?