McAfee TSA00M005PAA Processor Guide - Page 83

Using Firewall Protection Connection type and detections of incoming communications Connection type and detections of incoming communications Firewall protection monitors communications coming into the network (known as inbound events) to determine whether they meet criteria specified for safe communications. If an event does not meet the criteria, it is blocked from reaching computers on the network. Specify criteria by selecting the type of connection client computers are using. A policy option setting determines whether the administrator or the user selects the connection type. Types of connections The connection type defines the environment where client computers are used, It determines what firewall protection considers to be suspicious activity and, therefore, which IP addresses and ports are allowed to communicate with the network computers. Select from three connection environments. Select this... When the computer... Then firewall protection... Untrusted network Is connected directly to the Internet. For example: through a dial-up connection, a DSL line, or a cable modem; through any type of connection in a coffee shop, hotel, or airport. Blocks communications with all other computers, including those on the same subnet. This is the default setting. Trusted network Is connected indirectly to a network that is separated from the Internet by a hardware router or firewall. For example: in a home or office network. Allows communications with other computers on the same subnet, but blocks all other network communications. Custom Should communicate only through specific Allows communications with the ports and IP ports or with a specific range of IP addresses, addresses you specify, blocks all other or the computer is a server providing system communications. services. When you select this option, an Edit button becomes available that enables you to configure options. Additional information about connection types It is important to update the connection type whenever the working environment changes. For example, mobile users who connect to both secured (trusted) and unsecured (untrusted) networks must be able to change their setting accordingly. A policy option specifies whether firewall protection tracks blocked events for reporting purposes. When the option is enabled, you can see a listing of all blocked events in the report entitled Inbound Events Blocked by Firewall. The connection type does not affect the way that firewall protection handles detections of Internet applications running on client computers. Custom connections Trusted and untrusted connection types let you specify whether to allow or block communications originating within a network. Configure a custom connection type when you want to be more specific about where communications originate. When you set up a custom connection, you can designate: McAfee Total Protection Service Product Guide 83