Table of Contents
Advertisement
Configuring Firewall Policies
Overview of Firewall policies
• Registry key
On the Network Options tab:
• Local IP address
• Media type
If two location-aware groups apply to a connection, Host Intrusion Prevention uses normal
precedence and processes the first applicable group in its rule list. If no rule in the first group
matches, rule processing continues and might match a rule in the next group.
When Host Intrusion Prevention matches a location-aware group's parameters to an active
connection, it applies the rules within the group. It treats the rules as a small rule set and uses
normal precedence. If some rules do not match the intercepted traffic, the firewall ignores
them.
Note the following:
• If Location status is selected, a location name is required.
• If Local Network is selected, the IP address of the adapter must match one of the list
entries.
• If DNS Suffix is selected, the DNS suffix of the adapter must match one of the list entries.
• If Default Gateway is selected, the default adapter Gateway IP must match at least one
of the list entries.
• If DHCP Server is selected, the adapter DHCP server IP must match at least one of the list
entries.
• If DNS Server List is selected, the adapter DNS server IP address must match any of the
list entries.
• If Primary WINS Server is selected, the adapter primary WINS server IP address must
match at least one of the list entries.
• If Secondary WINS Server is selected, the adapter secondary WINS server IP address
must match at least one of the list entries.
Firewall rule group connection isolation
A connection isolation option is available for groups to prevent undesirable traffic from accessing
a designated network. This can be done through other active network interfaces on a computer,
such as a wireless adapter connecting to a wi-fi hotspot while a wired adapter is connected to
a LAN.
When the Isolate this connection option is selected under a group's Location settings, and
an active Network Interface Card (NIC) matches the group criteria, the only types of traffic
56
McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5
Advertisement
Table of Contents
Troubleshooting
Related Manuals for McAfee HISCDE-AB-IA - Host Intrusion Prevention
Related Products for McAfee HISCDE-AB-IA - Host Intrusion Prevention
- McAfee Agent 4.0
- MCAFEE AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009
- MCAFEE ANTI-THEFT FILE PROTECTION
- McAfee AVDCDE-AA-AA - Active Virus Defense Suite
- McAfee AVDCDE-BA-CA - Active Virus Defense Suite
- McAfee AVM85M - VirusScan For Mac
- McAfee Data Loss Prevention 9.2.1
- McAfee DFFCDE-AA-DA - Endpoint Encryption For Files