McAfee HISCDE-AB-IA Product Guide - Page 64
Firewall client rules, Enable firewall protection - machines
Configuring Firewall Policies Enable firewall protection

3 If new rules are permitted, a unidirectional static allow rule is created. If this is a TCP packet, an entry is made in the state table.
4 If a new rule is not permitted, the packet is dropped.

Firewall client rules

A client in adaptive or learn mode creates firewall client rules to allow blocked activity. Rules can also be created manually on the client computer. You can track the client rules and view them in a filtered or aggregated view. Use these client rules to create new policies or add them to existing policies.

Filtering and aggregating rules

Applying filters generates a list of rules that satisfies all of the variables defined in the filter criteria. The result is a list of rules that includes all of the criteria. Aggregating rules generates a list of rules grouped by the value associated with each of the variables selected in the Select columns to aggregate dialog box. The result is a list of rules displayed in groups and sorted by the value associated with the selected variables.

Enable firewall protection

The Firewall Options policy enables firewall protection and provides TrustedSource™ and stateful firewall settings.

General settings

These general options are available:

• Enabled: Select to make the firewall active, and then select the type of protection:
  • Regular (default) - Use this setting when not tuning a deployment.
  • Adaptive mode - Select to have rules created automatically to allow traffic. Use only temporarily while tuning a deployment.
  • Learn mode - Select to have rules created after input from the user to allow traffic. Select also to allow incoming or outgoing traffic or both. Use only temporarily while tuning a deployment.
• Allow traffic for unsupported protocols - Select to allow all traffic that uses unsupported protocols. With this option disabled, all traffic using unsupported protocols is blocked.
• Allow bridged traffic - Select to allow traffic with a local MAC address that is not the local system's MAC address but is one of the MAC addresses in the list of VMs that the firewall supports. Use this option to allow traffic through a bridged environment with virtual machines.
• Retain existing client rules when this policy is enforced - Select to allow clients to keep rules created on the client, automatically with adaptive mode, through user interaction with learn mode, or manually on a client, when this policy is enforced.

Protection settings

These settings enable special firewall-specific protection:

64 McAfee Host Intrusion Prevention 8.0 Product Guide for ePolicy Orchestrator 4.5
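The filter and aggregate semantics described under "Filtering and aggregating rules", applied to reviewing learned client rules before adding them to a policy, as an added example that is not part of the product guide or the product's own code. It assumes the client rules are available as a list of records; the field names, the sample rules and the `min_hosts` review threshold are hypothetical.

```python
from collections import defaultdict

# Constructed sample of client rules created in adaptive or learn mode.
# Field names are hypothetical, not the product's own column names.
CLIENT_RULES = [
    {"host": "ws-014", "application": "updater.exe", "direction": "out", "protocol": "TCP", "remote_port": 443},
    {"host": "ws-022", "application": "updater.exe", "direction": "out", "protocol": "TCP", "remote_port": 443},
    {"host": "ws-031", "application": "updater.exe", "direction": "out", "protocol": "TCP", "remote_port": 443},
    {"host": "ws-014", "application": "backup.exe", "direction": "out", "protocol": "TCP", "remote_port": 8443},
    {"host": "ws-022", "application": "unknown.exe", "direction": "in", "protocol": "TCP", "remote_port": 4444},
    {"host": "ws-031", "application": "ntpclient.exe", "direction": "out", "protocol": "UDP", "remote_port": 123},
    {"host": "ws-014", "application": "ntpclient.exe", "direction": "out", "protocol": "UDP", "remote_port": 123},
]


def filter_rules(rules, criteria):
    """Filtering: keep only rules that satisfy every criterion (logical AND)."""
    return [r for r in rules if all(r.get(k) == v for k, v in criteria.items())]


def aggregate_rules(rules, columns):
    """Aggregating: group rules by the values of the selected columns,
    with the groups sorted by those values."""
    groups = defaultdict(list)
    for rule in rules:
        groups[tuple(rule.get(c) for c in columns)].append(rule)
    # Sort on string forms so mixed value types (names, ports) compare safely.
    return sorted(groups.items(), key=lambda kv: tuple(str(v) for v in kv[0]))


def promotion_candidates(rules, columns, min_hosts):
    """Groups learned on at least min_hosts distinct hosts: candidates to
    review for a shared policy. Rarer groups are left for individual review."""
    candidates = []
    for key, members in aggregate_rules(rules, columns):
        hosts = sorted({m["host"] for m in members})
        if len(hosts) >= min_hosts:
            candidates.append((key, hosts))
    return candidates


if __name__ == "__main__":
    for key, hosts in promotion_candidates(CLIENT_RULES, ("application", "remote_port"), 2):
        print(key, "learned on", hosts)
```

Groups that fall below the threshold, such as the single inbound rule in the sample, are the ones to inspect by hand before adaptive or learn mode is switched back to regular protection.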