SaaS and Web Services 7.1.0

Transcription

1 Release Notes Revision A SaaS and Web Services Contents About this release New features Resolved issues Recommended environments Find McAfee SaaS service documentation Find product documentation About this release Thank you for choosing McAfee SaaS and Web Services. This document contains important information about the current release. We strongly recommend that you read the entire document. New features The current release includes the following new and updated features. Account Management Partner setup pages changed for Cloud SSO The Create Partner, Edit Partner, and Partner Details pages have been updated to allow partner enablement for Cloud SSO administration. A new checkbox, Cloud SSO, has been added to the pages. Customer setup pages changed for Cloud SSO The Create Customer, Edit Customer, and Customer Details pages have been updated to allow customer enablement of Cloud SSO service. Two new fields have been added, Cloud SSO and Number of Billed Users. Directory Integration page now includes Identity Bridge fields for Cloud SSO Identity (ID) Bridge settings now appear at the bottom of the Directory Integration page when the new Cloud SSO and Identity Bridge capabilities are enabled. Four of the fields are display only and reflect how the ID Bridge was configured in the epo. 1

2 epo Hostname IP Range UID Status There is an Authentication Test button to check that the ID Bridge is working. In addition, an Identity Bridge Authentication drop down list allows you to turn off the ID Bridge or enable it only for users synchronized with Active Directory domains. Changes to New User, Edit User, and User Synchronization Details pages for additional attributes The New User and Edit User pages now contain new fields to add additional attributes for a user. The User Synchronization Details page has a new rejection message when the additional attributes fail to be synchronized. In the New User and Edit User pages, the new fields are: First Name Mobile Phone Last Name Title Display Name Department This data can be useful if you use the Cloud SSO application and you automatically provision apps that user can access under the Cloud SSO umbrella. In the User Synchronization Details page, a new rejection message tracks when the attributes listed above fail to be synchronized, usually because the attribute value exceeds the maximum length of the field. New data is available on the User List page The User List page now allows you to include columns that show whether or not a user has set a security question and a password for authentication. Enhancements to Batch Edit User page Additional attributes for users can be edited in a batch file using the Batch Edit User page. More flexibility has also been added to the display on the Batch Edit User page. The following fields can be edited by uploading a batch file to the Batch Edit User page: Status Display Name First Name Title Last Name Department In addition, if you are a Customer Administrator, you can edit user passwords in a batch file. The Batch Edit User page also allows you to display only the attributes you want to display. To change which attributes are displayed, you can click in the column header for any column, select Columns from the drop down menu, and select the checkboxes for the attributes you want the page to display. You can also change the order of the attribute columns simply by selecting a column and dragging it to its new position. 2

3 Most fields in the Batch Edit User page also allow you to doubleclick the field and select from the drop down menu the option called Unset Value. This option resets the value that you uploaded in a batch value to the value previously in the field. Batch password updates removed from Password Authentication page The Password version of the User Authentication page now longer offers fields to update passwords with a batch file. Instead, the Batch Edit User window now includes the capability to update user passwords with a batch file. Create a.csv file of user data that you can use for batch user edits From the User List page, you can download a.csv file that contains specific types of user data that you specify. You can then edit the.csv file and upload it to the Batch Edit Users page for batch editing of user data. Change to filter function on Edit User tabs The filtering function of the Edit User: Group Membership and Edit User: Group Administration tabs have changed. The Filter field is no longer available. Instead, a filtering menu is available by clicking right end of the column headers. To filter the list of available groups or selected groups on the tabs, you now do the following: 1 Place your cursor on the Available Groups column heading. 2 Click the column's down arrow to display the first menu. 3 Use your cursor to highlight Filters. 4 From the Filter submenu, click the checkbox for the specific filtering option you want. 5 Enter a value for which to search for matching group names. Enhancements to group administration pages The group administration pages have been enhanced. The Groups List page now allows you to filter the group list based on ranges of values you select for one or more columns of data. Filter criteria are available on the following columns: 3

4 Filter criteria Description Group Name Description Date Created List only groups whose names start with, contain, or equal the characters you enter. List only groups whose descriptions start with, contain, or equal the characters you enter. List only groups that were created before, after, or on a specific date. You can also create a range of time based on the use of a "before" date and an "after" date together. In addition, the Groups List page now contains a Download button to allow you to download a.csv (Excel) file that contains the data from the Groups List, as well as any additional attributes a particular group might have on the Group Details page. Group Members and Group Administrators page changes The Filter field and button is no longer available on the Group Members and Group Administrators pages. Instead, a drop down list with a filtering option is available from the Available Users and Selected Users column headers in the Group Members page and the Available Group Administrators and Selected Group Administrators columns in the Group Administrators page. The Group Members page also now contains a Group Count column for both the Available Users and Selected Users sections. This column shows the number of groups to which each user is currently assigned within the Control Console. The group count can differ from the number of groups to which a user is actually assigned within the customer's Active Directory (AD), even when Directory Integration synchronizes user data by AD domain. This difference can result for various reasons. For example, users can be manually added to groups in the Control Console and not added in the Active Directory. Also, in the Control Console, groups that contain other groups are included in the user's group count. Service Provider customer type can no longer be configured The Service Provider customer type can no longer be assigned to a new customer, nor can an Enterprise customer be converted to a Service Provider customer. On the Create Customer and Edit Customer pages, the Service Provider customer type is no longer available to select. However, existing Service Provider customers continue to be supported. Cloud Single Sign On, SaaS Edition Introducing Cloud Single Sign On, SaaS Edition Cloud Single Sign On, SaaS Edition is an application integrated in the Control Console that provides identity and access management as a service over the Internet without the need for hardware and installed software on customer premises. Cloud Single Sign On allows users to log in once into the Control Console and access other applications over the Internet without the need to enter login credentials again. Conversely, Cloud Single Sign On can allow users to sign off from multiple applications at one time. With the separately purchased Identity Bridge added to the Directory Services Connector on the customer's premises, the Cloud Single Sign On capability enables users to log into the customer's corporate network and be able to access the Control Console and multiple applications without reentering credentials. In addition, if users are also synchronized through Directory Services Connector, the Identity Bridge allows the ability to sign onto the Control Console with corporate credentials even when outside of the corporate network. Access to each application is assigned by group. Access to each application can be restricted according to the following: 4

5 IP address range A multi factor one time password that users must enter each time they access an application The one time password authentication requires the use of Pledge client software to generate one time passwords from a desktop, laptop, ios mobile device, or Android mobile device. New administration pages in the Control Console If enabled, a new application tab, Cloud SSO, is available for administrators to list, search for, configure and edit application connectors. An application connector is a configuration that you define in Cloud Single Sign On. The connector allows Cloud Single Sign On to connect users to the application without requiring users to sign on to the application. If enabled, a new user tab, My Apps, is available for users to access applications over the cloud directly from the Control Console. From this tab, users can also sign out of all applications to which they are connected by clicking a single button. The tab also provides a link to download Pledge software the first time a user must use it. Protection Configuring enhanced ClickProtect features for inbound mail policies The new and improved ClickProtect feature provides enhanced protection from phishing attacks and malware infections by scanning the URL links in your inbound messages. Using the ClickProtect tab, you can configure scan time and click time actions, customize warning messages, and add trusted sites to your allow list. Improvements to the ClickProtect Overview and Click Log reports allow you to track trends and statistics as well as review the log of individual clicks and actions. ClickProtect ClickProtect safeguards your organization from web based threats that may arrive by using McAfee GTI URL Reputation. URLs are evaluated during processing ("scan time") as well as when users click on a link ("click time"). Click time scanning ensures that users are protected from changes to a URL's reputation that can occur after the message is initially scanned. Figure 2-1 New ClickProtect tab in the inbound policy window 5

6 Update ClickProtect options for an inbound policy set Configure ClickProtect to take specific scan time and click time actions that protect your users from risky URL links in inbound messages. Task For option definitions, click Help in the interface. 1 Select Protection Policies Inbound Policies 2 Highlight a custom policy or select the Default Inbound policy, click Edit. 3 In the Policy Set window, select ClickProtect. 4 Select Enable ClickProtect. 5 Select scan time and click time actions for each reputation type. 6 Under Advanced Anti malware Scan, select malware scan options as necessary. 7 Click Save. Once ClickProtect is active, you can customize the warning messages your users see as well as update the list of approved URLs. Classification tab Use the Classification tab to configure ClickProtect scan time and click time actions. Table 2-1 Classification tab option definitions Option Save Cancel Enable ClickProtect Reputation Definition Click to save changes. Click to reset without saving changes. Select to enable ClickProtect and configure your scan time and click time actions. Displays the risk categories: High Risk Specifies a URL that exhibits detrimental behavior. For example, the site is known to host malware. Medium Risk Specifies a URL that exhibits questionable behavior that may be detrimental to the user. Minimal Risk Specifies a URL that exhibits appropriate behavior or that is verified as trusted. Unverified Specifies a URL for which no reputation information has been calculated. Scan time Action Specifies the action to take at scan time, for each reputation type. Deliver message Quarantine message Deny message Tag subject 6

7 Table 2-1 Classification tab option definitions (continued) Option Click time Action Definition Specifies the action to take at click time, for each reputation type. Allow click through Select to immediately redirect the user to the website. Warn and allow click through Select to display a warning message in a browser and give the user the option to continue to the requested website. Deny click through Select to display a block message in a browser and explain why the website was denied. You can customize the warning and blocked message pages in the Custom Warnings tab. Advanced Anti malware Scan Specifies whether or not you want to scan links for malware at click time. Enable Select to enable the anti malware scan. Enable the Safe Preview token for custom warnings Select to enable the Safe Preview option in the Custom Warnings tab. You can customize the warning message page in the Custom Warnings tab. Custom Warnings tab The Custom Warnings tab allows you to customize the warning page that displays when a website risk is detected at click time. Each text field allows you to enter and format the text using the toolbar options. You can also add tokens to display specific information about a link. Table 2-2 Custom Warnings tab option definitions Option Save Cancel Warn and allow Definition Click to save the text, tokens, and HTML formatting. Click to discard your changes and restore the previously saved text. Specifies the text that displays when you select Warn and allow click through as the click time action for a risk level. This page typically warns the user of the risk and gives them the option to continue or abandon the link. Deny Click through Specifies the text that displays when you select Deny click through as the click time action for a risk level. This page typically warns the user of the risk and provides and explanation for why the website was blocked. Malware Found Error Occured Specifies the text that displays when you enable the Advanced Anti malware Scan option and malware is found. Specifies the text that displays when an error occurs. For example, a URL's reputation cannot be checked, or a website cannot be scanned for malware. Custom Warnings tokens Use these tokens to include specific details about a link in the text of your custom warning message. 7

8 Table 2-3 Tokens definitions Add this token %URL% To display The URL that the user clicked. Recommended for the Warn and allow warning message only. %URL_REPUTATION% The risk level of the website based on its reputation. Minimal Medium High Unverified %URL_CATEGORY% %IMAGE_PREVIEW% The category of the website. A safe preview of the website. In certain situations, the image preview may not display. This can happen when: Access to the page is denied due to the %URL_REPUTATION% value. For example, High Risk is set to Deny click through. The malware scan detected a virus. Safe preview is not enabled for the Advanced Anti malware Scan. The %URL_CATEGORY% value includes sexual or violent content. Extreme Gruesome Content Incidental Nudity Nudity Pornography Provocative Attire Sexual Materials An error occurs during the preview scan, or the preview scan takes longer than 20 seconds. %FROM_ADDRESS% %DATE_TIME% %SUBJECT% %MESSAGE_ID% %MALWARE_NAME% The address that sent the with the website URL. The timestamp of the . The subject line of the . The message ID of the . The name of the malware threat. Custom Warning token examples The website you requested is considered %URL_REPUTATION% risk. The link was sent to you by %FROM_ADDRESS% on %DATE_TIME%. The subject line was %SUBJECT%. This website, %URL%, is associated with the %URL_CATEGORY% category. 8

9 Allow List tab The Allow List tab allows you to configure the list of domains, IP addresses, and URLs that ClickProtect should always allow in an . For example, a website that you want to exclude from URL rewrite, or an internal website that ClickProtect is unable to access. Table 2-4 Allow List tab option definitions Option Save Cancel Domain, IP Address, or URL Definition Click to save changes. Click to restore previous settings. Enter a domain, IP address, or URL to add it to the Allow List. Maximum of 256 characters for each address. Wild cards can be used with domains and IP addresses. Maximum of 200 addresses. Options Add >> Click to add a new address to the list. << Remove Select an address in the list and click << Remove to delete it. << Remove All Click to delete all addresses from the list. Click Save to keep your changes. Allow List More Options Displays the list of allowed domains, IP addresses, and URLs. Specifies additional options for managing the allow list. Upload list (appends): Upload addresses in a text file and add them to the list. To use this option, create a file with one item per line. Uploading adds new entries to the existing list. It will not delete existing items. Browse Click to select a file to upload. Upload Click to upload the file and update the list. Click Save to keep your changes. Download list (be sure to save changes first): Download the current allow list in a.csv file. Download Click to download the list. Subscribe to the Default Inbound policy ClickProtect List Select to use the allow list associated with the default inbound policy. ClickProtect: Overview report The ClickProtect Overview report provides you with the results of your ClickProtect implementation including counts of messages affected and the number of user clicks that were allowed and denied. Table 2-5 ClickProtect Statistics Field Messages with links Messages with multiple links Total clicks Total allowed click throughs Total warn and allow click throughs Total click throughs denied due to reputation Description The total number of messages that contained a link. The total number of messages that contained more than one linke. The total number of times that recipients clicked links in their . The total number of times that recipients were allowed to access the website after clicking the link. The total number of times that recipients were taken to the warning page before being allowed to access the website. The total number of times that recipients were denied access to a website because of the site's reputation. 9

10 Table 2-5 ClickProtect Statistics (continued) Field Total click throughs denied due to malware Number of individual users that clicked Spam messages with click throughs Messages with links on the ClickProtect Allow list Description The total number of times that recipients were denied access to a website because the site contained malware. The total number of recipients that attempted to click a link in an . The total number of spam s that contained links clicked by recipients. The total number of s that contained links that are listed in the ClickProtect allow list. ClickProtect: Click Log report The ClickProtect Click Log report provides details on each link that is scanned for potential risks as well as the resulting action. Table 2-6 ClickProtect: Click Log options Field Timestamp From To Subject URL Reputation Description Displays the date and time. Displays the address of the sender. Displays the address of the recipient. Displays the subject line of the . Displays the full URL of the link. Displays the reputation of the website. High Risk Specifies a URL that exhibits detrimental behavior. For example, the site is known to host malware. Medium Risk Specifies a URL that exhibits questionable behavior that may be detrimental to the user. Minimal Risk Specifies a URL that exhibits appropriate behavior or that is verified as trusted. Unverified Specifies a URL for which no reputation information has been calculated. Category Malware Action When available, displays the category associated with the website. When found, displays the name of the malicious software. The action taken at click time. Denied malware Denied reputation Warn and allow Allowed Score Displays the spam likelihood score assigned to the as a graphical bar. The spam score ranges from 0 100% (green to red), with 100% (or red) being the highest likelihood that the is spam. 10

11 Scheduling Spam Reports in user preferences You can now schedule how often you receive spam report notifications from Protection. These new options allow you to select multiple deliveries per week and up to two reports per day. Figure 2-2 Protection Settings Schedule spam reports Use the schedule and frequency options in the Preferences tab to schedule the delivery of spam reports. Task For option definitions, click Help in the interface. 1 Select the Preferences tab. Administrators can select My Account Preferences. 2 Under Protection Settings, complete the scheduling options for spam reports. Schedule and Frequency Deselect Use policy defaults. Frequency Select one or more days of the week. Deliver reports by Select the time of day for Report 1 and Report 2. Select Skip if you do not want to receive a report. 3 Click Apply. 11

12 Protection settings in the Preferences tab Use the Preferences tab to configure the Protection settings for your account, including spam filtering options and spam report delivery options. Table 2-7 Protection Settings field definitions Field Spam Filtering Spam Actions Definition Select Enable to filter your messages for spam. Select Use policy defaults to use the default spam actions. Deselect to customize Medium Spam, High Spam, and Graymail Spam actions. Medium Spam Action Specifies the default action for spam messages that have a medium likelihood. Prepend "[SPAM]" to message subject The subject line of the has the phrase "[SPAM]" added to the beginning of the subject text and the is sent to you. Quarantine the message The is added to your spam quarantine and is not sent to you. The is reported in your Spam Report. Deny delivery The is blocked automatically. Do nothing The is forwarded to you with no processing applied. High Spam Action Specifies the default action for spam messages that have a high likelihood. Prepend "[SPAM]" to message subject The subject line of the has the phrase "[SPAM]" added to the beginning of the subject text and the is sent to you. Quarantine the message The is added to your spam quarantine and is not sent to you. The is reported in your Spam Report. Deny delivery The is blocked automatically. Do nothing The is forwarded to you with no processing applied. Graymail Spam Action Specifies the default action for graymail spam messages. Tag subject with "[GRAYMAIL]" The subject line of the has the phrase "[GRAYMAIL]" added to the beginning of the subject text and the is sent to you. Quarantine the message The is added to your spam quarantine and is not sent to you. The is reported in your Spam Report. Deny delivery The is blocked automatically. Do nothing The is forwarded to you with no processing applied. Allow Always allow graymail messages. Spam Report Schedule and Frequency Frequency Deliver Reports by Format Select Enable to receive spam reports. Select Use policy defaults to use the default spam report settings. Deselect to customize Frequency and Deliver reports by settings for spam reports. Specifies how often you receive spam reports. Select on or more days of the week. Specifies the time of day you would like to receive your reports. You have the option of receiving one or two reports per day. Specifies the format of the , Plain text or HTML. 12

13 Table 2-7 Protection Settings field definitions (continued) Field Type Spam Report Alternate Delivery Address Definition Specifies the content of the report: New items since last report All quarantined items Summary Specifies an alternate address that allows you to forward your Spam Report to a different address. The address must be provisioned in the system within one of your domains. Forwarding your Spam Report allows the recipient to have full access to your Control Console account. Be sure to use a trusted address. 13

14 Selecting your preferred region to improve MX Record setup The all new MX Records Setup page allows you configure your MX records based on your preferred. This ensures that your records are configured correctly, that inbound is routed through the Protection service for filtering, and that attackers cannot bypass the service. Figure 2-3 New MX Records Setup page with region selection 14

15 Select a region to review MX records Select a region to use its MX records for filtering. Before you begin Before changing your MX records, you must first complete the inbound servers setup process. Task For option definitions, click Help in the interface. 1 Select Protection Setup MX Records 2 Under Region, select an option to update the page. 3 Review the information under Recommended Configuration, Current Configuration, and Lock Down. Use this information to configure your MX records so that mail is routed through the Protection service. The Lock Down information allows you to configure your servers to only accept connections from the service. MX Records Setup page The MX Records Setup page allows you to determine what MX records to use based on your region, whether or not your MX records are configured correctly, and provides you with IP addresses that you can use to prevent attackers from bypassing the service. Table 2-8 MX Record Setup page option definitions Option Region Recommended Configuration Definition Specifies the location of your servers. Selecting a region determines the set of MX records you should use. Displays the recommended MX records for your selected region. Use these records to redirect your to the Protection service. To avoid delivery issues, you should replace your current configuration with the full set of MX records. 15

16 Table 2-8 MX Record Setup page option definitions (continued) Option Current Configuration Lock Down Definition Displays the current set of MX records based on a query to your authoritative DNS provider. Each record includes the following status information: Invalid The record is unrecognized and unable to route to the Protection service. Valid The record is recognized and able to route to the Protection service. Outdated The record is recognized, but does not match the current recommended MX records displayed under Recommended Configuration. You should update your records to match what is displayed. Recheck your current configuration: Check Again Click to query your authoritative DNS provider. Use this DNS server Enter the hostname of an alternative DNS server and click Check Again. Displays a list of files that you can use to limit SMTP connections and prevent attackers from bypassing Protection. Each file contains the list of IP addresses that you should allow from Protection. All others should be blocked. There are four different formats. Select the one that will work best with your environment: CIDR /21 notation Contains two /21 IP blocks. CIDR /24 notation Contains a list of /24 IP blocks. Individual IPs Contains a list of individual IP addresses. Optimized for Microsoft Office 365 For Microsoft Office 365 users, this file contains a list of IP addresses that are formatted for use when creating an Inbound Connector in Forefront Online Protection for Exchange (FOPE). Archiving Deactivating a group-specific archive retention length A change to the Retention options in the Archiving tab of the Edit Group window allows you to remove the custom value and restore the default global retention length. Figure 2-4 Archiving tab in the Edit Group window 16

17 Restore the global archive retention length for a group When necessary, remove the custom group retention length and restore the global value. This option can be useful when the group retention, or the group itself, is no longer needed. Task For option definitions, click Help in the interface. 1 Select Account Management Groups 2 Highlight the group you want to modify, click Edit. 3 In the Edit Group window, select Archiving. 4 In the Retention drop down, select the global retention value. 5 Click Apply. Web Protection New charts technology Web Protection Services has replaced CORDA with new technology for chart graphical displays in the Reports tab. Reports data affected by the change include: Traffic Overview Media Allowed Category by Site Application Allowed Category by User Threat Blocked Category The following example illustrates the new graphical display. 17

18 Resolved issues These issues are resolved in this release of the product. For a list of issues fixed in earlier releases, see the Release Notes for the specific release. Resolved Account Management issues SR# W When replacing the primary address in one account with the same address of a previously removed account, user synchronization of the Active Directory server completes and approves successfully. (875978) SR# W You can now remove the configuration settings for an Authentication Type in the User Authentication tab of the Control Console. Select Account Management Configuration User Authentication, click Clear Settings. (870368) Resolved Protection issues Message Audit SR# W You can now download the Message Audit report with Japanese characters in the title using Internet Explorer. (874984) Quarantine SR# W Archive Compliance Officers can now delete their own quarantined messages. (874956) SR# W Quarantine search results now display correctly in Internet Explorer 10. (870165) SR# W Service Provider customers and administrators with a role less than Customer Administrator can now complete Quarantine searches using a wildcard in the To address field. (870456) SR# W Oracle Messaging Communications Server users can now view the contents of their Spam Reports. (871942) Encryption SR# W The Encryption service no longer locks due to processes that have failed to timeout and exit successfully. (870406) SR# W The Encryption Welcome letter is now configurable for on premise deployments. (870334) SR# W You can now encrypt outbound messages that include non ascii characters in the filename of an attachment. (870304) Policies SR# W If you enter more than 255 characters into the Content field under Inbound Policy Spam Content Groups, you will receive an error message and the content will not save. (870362) SR# W When creating a new policy set, you can cut and paste into the Name field using the right click menu and the Save button will become active. (870360) SR# W When editing the Sender Allow or Sender Deny list in the Allow/Deny tab of a policy, the Remove All button is only active when there is at least one address already in the list. (870363) 18

19 Other resolved issues SR# W An upgrade to Postgresql fixes multiple issues in existing deployments. (870318) SR# W mod_access IP checks are now delayed when the sending IP needs to be rewound. (869727) Web Protection Resolved Issues Here is a list of issues from previous releases of the software that have been fixed in this release. Resolved Issues 1 Issue SR # W The Forensics Report does not return data for specific filtered search criteria, but does return data to a downloaded.csv file. (Reference: ) Resolution The error was found and corrected in the database and Forensics Reports now returns accurate data for filtered search criteria. 2 Issue SR # W A customer reported their policy settings were filtered through another customer's McAfee Client Proxy policy. (Reference: ) Resolution The customer's cache key was not unique to McAfee Client Proxy policy users. The customer's cache key now includes a unique customer ID. 3 Issue SR # W Users reported errors when trying to install Java. (Reference: ) Resolution Sun.com was added to the Global Whitelist, allowing users to download and install the Java executable without error. Recommended environments The following environments are supported by this release. Internet Explorer 10 Windows 8 Windows 7 Internet Explorer 9 Windows 7 Windows Vista Firefox OS X 10.8 Windows 7 OS X 10.7 Windows Vista Windows 8 Windows XP Chrome OS X 10.8 Windows 7 OS X 10.7 Windows Vista Windows 8 Windows XP 19

20 Safari 6 (Web Protection end user only) OS X 10.8 OS X 10.7 Find McAfee SaaS service documentation McAfee provides the information you need during each phase of service implementation, from setup to daily use and troubleshooting. After a service update is released, information is added to the McAfee SaaS and Web Security Support site. Task 1 Go to the McAfee SaaS and Web Security Support page at 2 Under Knowledge Base, click Reference Materials. 3 Under Reference Materials, scroll down to access information that you need: Service Enhancements and Release Notes Training Materials Service Reference Guides Find product documentation McAfee provides the information you need during each phase of product implementation, from installation to daily use and troubleshooting. After a product is released, information about the product is entered into the McAfee online KnowledgeBase. Task 1 Go to the McAfee Technical Support ServicePortal at 2 Under Self Service, access the type of information you need: To access... User documentation Do this... 1 Click Product Documentation. 2 Select a product, then select a version. 3 Select a product document. KnowledgeBase Click Search the KnowledgeBase for answers to your product questions. Click Browse the KnowledgeBase for articles listed by product and version. 20

21 Copyright 2013 McAfee, Inc. Do not copy without permission. McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others. SEWS-Release- Notes-7.1.0A00