McAfee HISCDE-AB-IA Product Guide - Page 52
Configuring Firewall Policies, Overview of Firewall policies
View all McAfee HISCDE-AB-IA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 52 highlights
Configuring Firewall Policies The Host Intrusion Prevention firewall policies turn protection on and off and provide rules to stop network intrusions that could compromise data, applications, or the operating system. Contents Overview of Firewall policies Enable firewall protection Define firewall protection Overview of Firewall policies The Host Intrusion Prevention firewall feature provides security by filtering traffic into and out of networked systems running Windows. Stateful filtering and packet inspection identify packets for different types of connections, and hold in memory the attributes of network connections from start-to-finish of transmission. A Host IPS catalog simplifies rule creation by allowing you to add existing rules, groups, network options, applications, executables, and locations from the catalog to new and existing firewall rules and groups. It also allows the addition of these elements to the catalog either on an item-by-item basis or by batch process. Available policies There are three Firewall policies: Firewall Options - Enables firewall protection. It turns firewall protection on and off, defines stateful firewall settings, and enables special firewall-specific protection such as allowing outgoing traffic only until the firewall service has started, and blocking IP spoofing and malicious traffic. Firewall Rules - Defines firewall protection. It consists of a set of rules that defines what traffic is allowed and what is blocked. You can define rules broadly (for example, all IP traffic) or narrowly (for example, identifying a specific application or service), with various network, transport, application, and schedule options. You can group rules according to a work function, service, or application for easier management. Like rules, rule groups can be defined by network, transport, application, schedule, and location options. Firewall DNS Blocking - Defines a set of domain name patterns, which can include wildcards, that are to be blocked. When applied, this policy dynamically adds a rule near the top of the firewall rules list that prevents resolving the IP address of the specified domain. 52 McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5