Configuring Firewall Policies
Overview of Firewall policies
• Registry key
On the Network Options tab:
• Local IP address
• Media type
If two location-aware groups apply to a connection, Host Intrusion Prevention uses normal
precedence and processes the first applicable group in its rule list. If no rule in the first group
matches, rule processing continues and might match a rule in the next group.
When Host Intrusion Prevention matches a location-aware group's parameters to an active
connection, it applies the rules within the group. It treats the rules as a small rule set and uses
normal precedence. If some rules do not match the intercepted traffic, the firewall ignores
them.
Note the following:
• If Location status is selected, a location name is required.
• If Local Network is selected, the IP address of the adapter must match one of the list
entries.
• If DNS Suffix is selected, the DNS suffix of the adapter must match one of the list entries.
• If Default Gateway is selected, the default adapter Gateway IP must match at least one
of the list entries.
• If DHCP Server is selected, the adapter DHCP server IP must match at least one of the list
entries.
• If DNS Server List is selected, the adapter DNS server IP address must match any of the
list entries.
• If Primary WINS Server is selected, the adapter primary WINS server IP address must
match at least one of the list entries.
• If Secondary WINS Server is selected, the adapter secondary WINS server IP address
must match at least one of the list entries.
Firewall rule group connection isolation
A connection isolation option is available for groups to prevent undesirable traffic from accessing
a designated network. This can be done through other active network interfaces on a computer,
such as a wireless adapter connecting to a wi-fi hotspot while a wired adapter is connected to
a LAN.
When the Isolate this connection option is selected under a group's Location settings, and
an active Network Interface Card (NIC) matches the group criteria, the only types of traffic
56
McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5