The Traps agent protects the endpoint by enforcing your organization’s security policy as defined in the Endpoint Security Manager. Depending on the configuration, Traps can protect against attempts to exploit software vulnerabilities and bugs and can prevent malicious executable files from running on your endpoints.
When a security event occurs on an endpoint, Traps collects forensic information about that event and, optionally, can also notify the user about the event and even display a custom notification message. On a regular basis, Traps communicates the status of the endpoint and transmits data related to any security events to the Endpoint Security Manager. The following table describes the types of messages that the Traps agent sends to the ESM Server:
The Traps agent periodically sends messages to the ESM Server to indicate that it is operational and to request the latest security policy. The Notifications and Health pages in the Endpoint Security Manager display the status for each endpoint. The duration between messages, known as the heartbeat period, is configurable.
The Traps agent sends notification messages about changes in the agent, such as when a service starts or stops, to the ESM Server. The server logs these notifications in the database and you can view the notifications in the ESM Console.
An end user can request an immediate policy update by clicking Check-in now on the Traps Console. This causes the Traps agent to request the latest security policy from the ESM Server without waiting for the end of the heartbeat period.
If a prevention event occurs on an endpoint where the Traps agent is installed, the Traps agent reports all of event-related information to the ESM Server in real-time.
Traps also provides a user interface that you can use to view the protection status on the endpoint, security event history, running processes, and current security policy rules. Usually, a user will not need to run the Traps Console but the information can be useful when investigating a security-related event. If needed, you can choose to hide the console icon that launches the console or prevent users from launching the console from an endpoint altogether. If you provide access to the Traps Console, you can access it from the notification area (system tray) on an endpoint.
Traps and Endpoint Security Manager Processes
Traps and Endpoint Security Manager Processes The following processes are initiated by Traps and the Endpoint Security Manager (ESM). Component Process Name Description Traps agent ...
Known Issues The following table describes known issues with Traps 3.4. Issue ID Description CYV-10101 After Traps quarantines malware, the operating system displays an error ...
Hide or Restrict Access to the Traps Console
Hide or Restrict Access to the Traps Console By default, a user can access the Traps Console to view information about the current status of ...
Define Heartbeat Settings Between the Agent and the ESM Server
Define Heartbeat Settings Between the Agent and the ESM Server During the heartbeat communication, the Traps agent requests the current security policy and sends a ...
Traps Agent Settings Rules
Traps Agent Settings Rules Agent settings rules enable you to change preferences related to Traps from a central location. From the Settings Agent Settings page, ...
Monitor the Endpoints
Monitor the Endpoints View Endpoint Health Details View Notifications About Changes in the Agent Status View the Status of the Agent from the Traps Console ...
View the Status of the Agent from the Traps Console
View the Status of the Agent from the Traps Console The console displays active and inactive services by displaying a or to the left of ...
Use the Endpoint Security Manager Dashboard
Use the Endpoint Security Manager Dashboard The Dashboard is the first page that you see when you log into the ESM Console. The Dashboard provides ...
Features Introduced in Traps 3.4
Features Introduced in Traps 3.4 Features Introduced in Traps 3.4.3 Features Introduced in Traps 3.4.2 Features Introduced in Traps 3.4.1 Features Introduced in Traps 3.4.0 ...