Migration Flashcards

1
Q

What is the ENS Migration Assistant

A

A tool that allows for the migration of custom settings and assignments belonging to legacy products to ENS in the event of an upgrade

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What ePO versions does the migration assistant migrate settings for?

A

Environments managed with ePO version 5.1.1 or later

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What are the products that Migration Assistant provides migration for?

A
VSE 8.8
HIPS Firewall 8.0
HIPS 8.0
SiteAdvisor Enterprise 3.5
Endpoint Protection for Mac 2.3
McAfee VirusScan for Mac 9.8
VSE for Linux 2.0.2
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What settings from VSE 8.8 can be migrated?

A

Policies(Workstation Policies, Server Policies, or both) and Client Tasks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What settings from HIPS firewall can be migrated?

A

Host IPS Catalog

Firewall and General Policies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What settings from HIPS can be migrated?

A

IPS Rules policy:

  • Excluded Application Protection Rules
  • IPS Exceptions
  • Custom Signatures
  • McAfee-defined signatures supported

IPS Protection Policy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What settings from SiteAdvisor Enterprise can be migrated?

A

Policies

Client Tasks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What settings from Endpoint Protection for Mac/VirusScan for Mac can be migrated?

A

Anti-malware policy:

  • On Access Scan
  • Exclusions: On-Access Scan
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What settings from VirusScan Enterprise for Linux 2.0.2 can be migrated?

A

On-Access Scanning Policy

On-Demand Scanning Client Tasks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the difference between Automatic Migration and Manual Migration?

A

Automatic Migration:

  • Migrates all supported settings for all supported products you have installed on your systems
  • Requires minimal input from you
  • Create and assign new ENS policies and client tasks automatically, based on your current product settings

Manual Migration:

  • Requires user input
  • Lets you select specific objects to migrate and edit the policies if needed
  • Does not retain assignments for migrated objects
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What happens to objects from a previous migration when you initiate another one?

A

Automatic Migration: Deletes objects created during a previous automatic migration session for the same systems

Manual Migration: Has no effect on objects migrated during a previous session

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Are assignments retained post migration for migrated objects?

A

Manual Migration: No

Automatic Migration: Yes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The path for the quarantine folder is limited to 190 characters in ENS, but VSE allowed 256. What does this mean for migration?

A

If the migrated quarantine folder path contains more than 190 characters, the path automatically reverts to the default location

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

How is VSE’s organization of Server vs Workstation policies addressed in migration?

A

When migrating, you can specify either Workstation, server, or workstation and server for migration.

If you choose to migrate only one at a time, you can migrate the other one at a later time. If you migrate both types simultaneously, the number of target polices may increase, depending on the system tree structure.

If a group contains both workstations and servers, the policy assigned to the greatest number of systems is assigned to the group, and the policy assigned to fewer systems is assigned to individual systems within the group as needed.

Thus, the best practice to minimize the number of assignments is to place workstations and servers in separate groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What happens to Access Protection port-blocking rules from VSE?

A

They are not migrated. Also, user added inclusions and exclusions for predefined rules are not migrated.

If you want to continue using legacy rules that don’t migrate from VSE, you can create firewall rules in ENS Firewall to replicate their behavior

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is the name for the Buffer Overflow Protection settings in ENS?

A

Exploit Prevention

17
Q

How does the difference in characters supported by VSE and ENS affect the migration of exclusions in policies?

A

VSE allows semi-colons to separate include and exclude processes, while the Migration Assistant recognizes only the comma character to separate include and exclude processes

This means if you migrate an exclusion rule that uses ; to separate multiple include and exclude processes, the Migration Assistant migrates them as a single process, resulting in the migrated policies not containing all the exclusions that were in the original policy

18
Q

How can you correct the migration issue related to unsupported characters in exclusions?

A

Before Migrating: Review source VSE policies. Locate unsupported ; characters and change them to , before migrating

During Manual Migration - The Migration Assistant notifies you that one or more policies have unsupported characters, affording you the opportunity to cancel the migration and revise the VSE policies

After migration - Edit your migrated policies to replace each ; character with a , character

19
Q

Where do VSE policies end up in ENS?

A

BOP -> Exploit Prevention

On Access Default, High Risk, Low Risk processes and general -> On Access Scan

Quarantine Manager, Unwanted Programs -> Options(TP)

Access Protection -> Access Protection, Options(Common Policy)

Alert -> Options(Common Policy)

General Options -> On Demand Scan, Options(Common Policy)

20
Q

Where do HIPS policies end up in ENS?

A

IPS Protection -> Access Protection, Exploit Prevention

IPS Rules -> Access Protection, Exploit Prevention

Trusted Applications -> Access Protection

Firewall Rules -> Rules(Firewall)

Firewall Options, DNS Blocking -> Options(Firewall)

Trusted Networks -> Options(Firewall)

Client UI -> Options (Firewall), Options (Common Policy)

21
Q

Where do SiteAdvisor Policies end up in ENS?

A

Enforcement Messaging -> Enforcement Messaging

Authorize List -> Block and Allow List, Options (Web Control)

Prohibit List -> Block and Allow List

Hardening -> Browser Control, Options (Web Control)

Content Actions -> Content Actions, Options (Web Control)

Rating Actions -> Content Actions, Options (Web Control)

Enable or Disable -> Options (Web Control)

Event Tracking -> Options (Web Control)

General -> Options (Web Control), Options (Common Policy

22
Q

T/F During Automatic Migration, unassigned policies or tasks are migrated over?

A

False, Automatic Migration only works for policies/tasks that are assigned. You must perform manual migration on tasks that are unassigned

23
Q

T/F If you make a change to a legacy product’s policy, client task, or host ips catalog during migration, the end result will reflect those changes.

A

False, the end result of the migration will reflect the object as it was right at the beginning of the migration, thus any changes made in the midst of the migration will in fact not be included

Therefore, it is a good idea to alert other users that possess that authority to modify these settings not to make changes during the migration

24
Q

When is it recommended to use Automatic Migration?

A
  • Have a network with fewer than 250 managed systems

- Use default policy settings or a minimum number of custom policies

25
Q

When is it recommended to use Manual Migration?

A
  • Have a network with more than 250 managed systems
  • Use multiple custom policies
  • Want to fine-tune existing policy settings during the migration process
  • Want to fine-tune assignments
  • Want to migrate settings to single-platform policies
  • Want to personally supervise and approve each step of the migration process