McAfee HISCDE-AB-IA Product Guide - Page 140
Firewall Activity Log LearnIN wProb, Test Firewall Learn Mode
View all McAfee HISCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 140 highlights
Appendix B - Troubleshooting General issues a Deselect Automatically Block Attackers and retest to see if the problem is resolved. If it is, Network IPS in Block Attackers Mode can potentially be associated with the issue. b Click the Blocked Hosts tab, note any blocked attacker entries, and review for false positives. c Save a copy of the Activity log and name it to Network IPS Adaptive Activity Log wProb, for reporting to support. 5 If the problem does not recur, deselect Enable Network IPS and continue to the next step. Test Firewall Policy 1 Click the Activity Log tab and clear the log. 2 Click the Firewall Policy tab and select Enable Firewall. 3 Test the system to determine if the problem recurs. If it does: a Deselect Enable Firewall. b Retest to verify the problem is resolved. If it is, Host IPS Firewall can potentially be associated with the issue. c Save a copy of the Activity log and name it Firewall Activity Log wProb. 4 If the problem does not recur, select Enable Firewall and continue to the next step. Test Firewall Learn Mode 1 Click the Activity Log tab and clear the log. 2 Click the Firewall Policy tab and select Learn Mode and Incoming. Deselect Outgoing. 3 Test the system to determine if the problem recurs. If it does: a Deselect Incoming. b Retest to verify the problem is resolved. If it is, Firewall Incoming Learn Mode can potentially be associated with the issue. c Save a copy of the Activity log and name it Firewall Activity Log LearnIN wProb, for reporting to support. d Click the Activity Log tab and clear the log. 4 Click the Activity Log tab and clear the log. 5 Click the Firewall Policy tab and select Learn Mode and Outgoing. Deselect Incoming. 6 Test the system to determine if the problem recurs. If it does: a Deselect Outgoing. b Retest to verify the problem is resolved. If it is, Firewall Outgoing Learn Mode can potentially be associated with the issue. c Save a copy of the Activity log and name it Firewall Activity Log LearnOUT wProb, for reporting to support. d Click the Activity Log tab and clear the log. 7 Navigate to the Firewall Policy tab. 8 Click the Firewall Policy tab and select Learn Mode and both Incoming and Outgoing. 9 Test the system to determine if the problem recurs. If it does: a Deselect Incoming and Outgoing. 140 McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5