What is Advanced Threat Defense (ATD)
There are many advanced threat detection (ATD) solutions. They can protect web, email, endpoints, network traffic, file shares, and much more from advanced threats. There may be multiple deployment options, such as on-premises or cloud deployments.
You might use ATD just for web, or for web and email, include the endpoints and file shares as well, or orchestrate everything together in one large, well-performing integrated solution backed up by intelligence and services. Vendors who already cover the standard web, email, network, and endpoint security solutions, for example McAfee with its ATD, have well-interconnected, integrated, intelligence-driven solutions for all platforms, plus services to back them up.
The pioneer in this field is FireEye, but the core functionality or purpose of all these solutions is similar: to discover advanced, modern threats in a very different way than traditional solutions.
Malware has evolved to evade traditional security solutions, which is why advanced threat detection was developed in the first place. Different ATD solutions might use multiple techniques, but the most common and basic concept is sandboxing. A sandboxing solution captures files, objects, and other program code in monitored traffic and executes them in a closed, controlled virtual environment: the sandbox.
Inside the sandbox, potential malware that is executed cannot cause damage and cannot spread. The sandbox system is closely monitored while the code is being executed. Using behavioral analysis, the sandbox solution is then able to detect whether the executed code does things that malware usually does, such as creating or modifying files in system folders, changing memory, adding registry entries, hiding in other processes, opening connections to suspicious servers, or trying to connect to other computers in the local network.
Unknown malware detected by this concept would otherwise never be detected by traditional solutions, but sandboxing is just the basic concept of ATD.
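An added example, not part of the original article and not McAfee's detection logic: a minimal rule-based scorer over a constructed sandbox event trace, covering the behaviours listed above. The event schema, weights, threshold and sample addresses are assumptions made for illustration.

```python
import ipaddress

# Constructed event trace in a hypothetical schema (not ATD's report format).
SAMPLE_TRACE = [
    {"type": "file_write", "path": r"C:\Users\lab\AppData\Local\Temp\a.tmp"},
    {"type": "file_write", "path": r"C:\Windows\System32\drivers\upd.sys"},
    {"type": "registry_set", "key": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\upd"},
    {"type": "remote_thread", "target": "explorer.exe"},
    {"type": "connect", "dst": "203.0.113.50", "port": 443},
    {"type": "connect", "dst": "192.168.1.23", "port": 445},
]

SYSTEM_DIRS = (r"c:\windows", r"c:\program files")
SUSPICIOUS_HOSTS = {"203.0.113.50"}  # constructed reputation entry
LOCAL_NETS = [ipaddress.ip_network(n)
              for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(event):
    """Map one monitored event to (behaviour, weight); None means no rule matched."""
    kind = event["type"]
    if kind == "file_write" and event["path"].lower().startswith(SYSTEM_DIRS):
        return ("writes to a system folder", 3)
    if kind == "registry_set":
        return ("adds a registry entry", 2)
    if kind == "remote_thread":
        return ("hides in another process", 4)
    if kind == "connect":
        dst = ipaddress.ip_address(event["dst"])
        if event["dst"] in SUSPICIOUS_HOSTS:
            return ("connects to a suspicious server", 4)
        if any(dst in net for net in LOCAL_NETS):
            return ("connects to a host on the local network", 2)
    return None

def analyze(trace, threshold=6):
    """Score each distinct behaviour once and compare the total to the threshold."""
    findings = []
    for event in trace:
        hit = classify(event)
        if hit and hit not in findings:
            findings.append(hit)
    score = sum(weight for _, weight in findings)
    return {"score": score, "malicious": score >= threshold,
            "behaviours": [name for name, _ in findings]}

if __name__ == "__main__":
    print(analyze(SAMPLE_TRACE))
```

A single weak signal, such as one registry write, stays below the threshold; the verdict comes from several behaviours occurring in the same run.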
McAfee Advanced Threat Defense (ATD) Upgrade
Today we are going to upgrade Advanced Threat Defense (ATD) from 4.12 to 4.14; 4.14 is the latest ATD version (03/2022). This article is intended as a guide for the ATD upgrade. Before performing any activity, take a full backup of your ATD. If the appliance is completely new, taking a backup does not make sense, but if it is already configured in your environment, you have to take the backup.
The best way is to log in to your ATD appliance and go to Manage. Under Manage, at the bottom of the left-hand side, there is a Maintenance option, and under Maintenance there is Backup and Restore. Go to Backup. In the center of the screen you will see the Backup Schedule Setting, which has two options, Remote FTP and Local ATD system, and the backup frequency. Select Now as the backup frequency. With Now selected, the backup is generated locally, and once the backup is done you can download the backup file under the Restore section.
McAfee Advanced Threat Defense 4.14.x Command Line Interface Reference Guide
Download and Upload
After the backup, download the upgrade file from the McAfee download center using your valid grant number. Then log in to your ATD appliance over SFTP (WinSCP) and upload the file to the ATD root directory.
Default Login Details
ATD IP address / Port: 22 / Username: atdadmin / Password: atdadmin
Log in to your ATD appliance's user interface (the console) and go to the Manage section. In the left-hand menu there is an Image and Software option. Under the Software section, open the System Software drop-down menu, where you will see your uploaded file listed. Select it and click Install.