Maintain the Endpoints and Traps
On a daily or weekly basis, perform the following actions:
- Examine the Dashboard to verify that the Traps agent is active on all endpoints. See Use the Endpoint Security Manager Dashboard.
- Review Security Events reported by Traps. After analyzing a security event, you might want to do any of the following tasks:
- Investigate whether the indicators are related to malicious executable files and then use the Agent Query to search for artifacts on Windows endpoints.
- Disable rules temporarily that interfere with day-to-day work. In cases where a security event does not indicate an attack and is interfering with day-to-day work, you can disable an exploit protection or restriction rule on a specific endpoint. See Exclude an Endpoint from an Exploit Protection Rule.
- Patch, upgrade, or fix a bug in software that indicates erroneous behavior or a security vulnerability. Patching or upgrading third-party applications or fixing bugs in applications that are developed in-house can reduce the number of security events reported to the ESM Console.
- Activate protection for an unprotected application. See View, Modify, or Delete a Process.
- Review post-detection events and take additional action to remediate the endpoint.
- Examine the Monitor pages and investigate reports of crashes and security events.
After a change in the organization or in available Traps software versions, you can:
- Add a newly-installed application to the list of protected processes. See Add a New Protected Process.
- Install Traps on a new endpoint. See Traps Agent Administrator’s Guide.
- Upgrade the Traps agent version on endpoints. See Uninstall or Upgrade Traps on the Endpoint.
- Allocate additional licenses for Traps agents. See Add a Traps License Using the ESM Console.
Collect New Process Information
Collect New Process Information By default, Traps protects the most commonly used and well-known processes on your endpoints. In addition, when WildFire is enabled, Traps ...
Issues Addressed in Traps Endpoint Security Manager 4.2
List of addressed issues in the Traps Endpoint Security Manager 4.2. ...
Traps Agent The Traps agent protects the endpoint by enforcing your organization’s security policy as defined in the Endpoint Security Manager. Depending on the configuration, ...
Traps Agent 4.2 for Windows
To uninstall, use, and upgrade the Traps agent 4.2 on Windows endpoints, see the references in this topic. ...
Traps Agent 4.2 for Linux
Traps Agent 4.2 for Linux The Traps agent protects Linux servers by preventing attackers from leveraging software exploits or vulnerabilities to compromise an endpoint. The ...
Traps for Linux
Traps for Linux The Traps agent protects Linux servers by preventing attackers from leveraging software exploits or vulnerabilities to compromise an endpoint. The Traps agent ...
Features Introduced in Traps Endpoint Security Manager
Features Introduced in Traps Endpoint Security Manager The following topics describe the new features introduced in Traps Endpoint Security Manager (ESM) and Traps 4.2. For ...
Traps and Endpoint Security Manager Processes
Traps and Endpoint Security Manager Processes The following processes are initiated by Traps and the Endpoint Security Manager (ESM). Component Process Name Description ESM ESM ...
Use the Traps Agent for Mac
Use the Traps Agent for Mac See the following topics to use or manage the Traps agent for Mac: Open the Traps application. View status ...