McAfee MTP08EMB3RUA Product Guide - Page 89

Using Firewall Protection

Page 89 highlights

5 Using Firewall Protection Firewall protection checks for suspicious activity in communications sent between client computers and network resources or the Internet. As the administrator, you can define what constitutes suspicious activity and how firewall protection responds to: • IP addresses and communication ports that attempt to communicate with your computer. You can specify whether to allow or block communications from other IP addresses on your network or outside your network, or you can identify specific IP addresses and ports to allow or block. • Applications that attempt to access the Internet. You can use McAfee's recommendations for safe Internet applications, or you can identify specific applications to allow or block. You can also select firewall protection's response to detections of unrecognized applications. Firewall protection has two primary modes: users configure firewall settings and an administrator configures firewall settings. The McAfee default policy is configured to let client computer users decide which communications and applications firewall protection allows. The administrator setting puts all or partial control with the administrator. To ensure the highest level of protection for your network, McAfee recommends that an administrator configure the firewall protection settings in one or more policies, which are then assigned to client computers. When an administrator sets firewall protection, it is important that the applications and communications that are important to your users are allowed before deploying the policy. This ensures that no important communications are blocked. Contents Connection type and detections of incoming communications Firewall protection mode and detections of unknown applications The role of IP addresses The role of system service ports Firewall configuration Configuring policy options Configuring custom connections Installing and enabling firewall protection at the policy level Managing detections Reports for firewall protection Best practices (firewall protection) Frequently asked questions McAfee Total Protection Service 5.1.5 Product Guide 89

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175

5
Using Firewall Protection
Firewall protection checks for suspicious activity in communications sent between client computers and
network resources or the Internet.
As the administrator, you can define what constitutes suspicious activity and how firewall protection
responds to:
IP addresses and communication ports that attempt to communicate with your computer. You can
specify whether to allow or block communications from other IP addresses on your network or
outside your network, or you can identify specific IP addresses and ports to allow or block.
Applications that attempt to access the Internet. You can use McAfee's recommendations for safe
Internet applications, or you can identify specific applications to allow or block. You can also select
firewall protection's response to detections of unrecognized applications.
Firewall protection has two primary modes: users configure firewall settings and an administrator
configures firewall settings. The McAfee default policy is configured to let client computer users decide
which communications and applications firewall protection allows. The administrator setting puts all or
partial control with the administrator.
To ensure the highest level of protection for your network, McAfee
recommends that an administrator configure the firewall protection
settings in one or more policies, which are then assigned to client
computers. When an administrator sets firewall protection, it is
important that the applications and communications that are important
to your users are allowed before deploying the policy. This ensures that
no important communications are blocked.
Contents
Connection type and detections of incoming communications
Firewall protection mode and detections of unknown applications
The role of IP addresses
The role of system service ports
Firewall configuration
Configuring policy options
Configuring custom connections
Installing and enabling firewall protection at the policy level
Managing detections
Reports for firewall protection
Best practices (firewall protection)
Frequently asked questions
5
McAfee Total Protection Service 5.1.5 Product Guide
89