McAfee MIS80E001RAI User Guide - Page 53

Record Intrusion Detection IDS Events in Inbound Events Log, Outbound Only access.

Get McAfee MIS80E001RAI - Internet Security Suite 2006 PDF manuals and user guides
UPC - 731944547817
View all McAfee MIS80E001RAI manuals
Add to My Manuals
Save this manual to your list of manuals

Page 53 highlights

Setting the security level Tight Security - When an application requests a specific type of access to the Internet (for example, Outbound Only Access), you can allow or disallow the application an Internet connection. If the application later requests Full Access, you can then grant Full Access or restrict it to Outbound Only access. Standard Security (recommended) - When an application requests and then is granted Internet access, the application receives full Internet access to handle incoming and outgoing traffic. Trusting Security - All applications are automatically trusted when they first attempt to access the Internet. However, you can configure Personal Firewall to use alerts to notify you about new applications on your computer. Use this setting if you find that some games or streaming media do not work. Open - Your firewall is disabled. This setting allows all traffic through Personal Firewall, without filtering. NOTE Previously blocked applications continue to be blocked when the firewall is set to the Open or Lockdown security setting. To prevent this, you can either change the application's permissions to Allow Full Access or delete the Blocked permission rule from the Internet Applications list. 4 Select additional security settings: NOTE If your computer runs Windows XP and multiple XP users have been added, these options are available only if you are logged on to your computer as an administrator. Record Intrusion Detection (IDS) Events in Inbound Events Log - If you select this option, events detected by IDS will appear in the Inbound Events log. The Intrusion Detection System detects common attack types and other suspicious activity. Intrusion detection monitors every inbound and outbound data packet for suspicious data transfers or transfer methods. It compares these to a "signature" database and automatically drops the packets coming from the offending computer. IDS looks for specific traffic patterns used by attackers. IDS checks each packet that your machine receives to detect suspicious or known-attack traffic. For example, if Personal Firewall sees ICMP packets, it analyzes those packets for suspicious traffic patterns by comparing the ICMP traffic against known attack patterns. User Guide 53

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
User Guide
53
Setting the security level
³
Tight Security
When an application requests a specific type of access to
the Internet (for example, Outbound Only Access), you can allow or
disallow the application an Internet connection. If the application later
requests Full Access, you can then grant Full Access or restrict it to
Outbound Only access.
³
Standard Security (recommended)
When an application requests and
then is granted Internet access, the application receives full Internet access
to handle incoming and outgoing traffic.
³
Trusting Security
All applications are automatically trusted when they
first attempt to access the Internet. However, you can configure Personal
Firewall to use alerts to notify you about new applications on your
computer. Use this setting if you find that some games or streaming media
do not work.
³
Open
Your firewall is disabled. This setting allows all traffic through
Personal Firewall, without filtering.
NOTE
Previously blocked applications continue to be blocked when
the firewall is set to the
Open
or
Lockdown
security setting. To
prevent this, you can either change the application's
permissions to
Allow Full Access
or delete the
Blocked
permission rule from the
Internet Applications
list.
4
Select additional security settings:
NOTE
If your computer runs Windows XP and multiple XP users
have been added, these options are available only if you are
logged on to your computer as an administrator.
³
Record Intrusion Detection (IDS) Events in Inbound Events Log
If you
select this option, events detected by IDS will appear in the Inbound
Events log. The Intrusion Detection System detects common attack types
and other suspicious activity. Intrusion detection monitors every inbound
and outbound data packet for suspicious data transfers or transfer
methods. It compares these to a “signature” database and automatically
drops the packets coming from the offending computer.
IDS looks for specific traffic patterns used by attackers. IDS checks each
packet that your machine receives to detect suspicious or known-attack
traffic. For example, if Personal Firewall sees ICMP packets, it analyzes
those packets for suspicious traffic patterns by comparing the ICMP traffic
against known attack patterns.