Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Configuring Firewall Policies<br />
Working with Firewall Rules policies<br />
Creating firewall connection-aware groups<br />
Use this task to create a connection-aware group. These groups let you manage a set of rules<br />
that apply only when connecting to a network using a wired, wireless, or non-specific connection<br />
with particular parameters. Groups appear in the rule list in blue preceded by an arrow. Click<br />
the arrow to show or hide the rules within the group.<br />
Task<br />
For option definitions, click ? on the page displaying the options.<br />
1 On the Firewall Rules policy page, click Add Connection Aware Group.<br />
2 Type a name for the group in the Name field.<br />
3 Under Connection type, select the type of connection (LAN, Wireless, Any) to which<br />
to apply the rules in this group.<br />
4 Select Isolate this connection to block traffic coming from sources other than from a<br />
single specified connection.<br />
5 Under New Criterion, select a category of criterion to apply to the rule. Click Add Criterion<br />
to display an additional field in which to type the new matching criterion.<br />
NOTE: If you select Any as the connection type, you are required to select either IP<br />
Address or DNS Suffix and edit the corresponding list. Specify a DHCP server MAC<br />
address only for DHCP servers on the same subnet as the client. Identify remote DHCP<br />
servers only by their IP address.<br />
6 Click the Add button to append more criteria in the same category. Click the Remove button<br />
or Remove All to eliminate one or all of the previously added criteria in the selected<br />
category.<br />
7 Click OK.<br />
Adding predefined firewall rules<br />
Use this task to add predefined firewall rules that match your needs immediately or after you<br />
have edited them.<br />
Task<br />
For option definitions, click ? on the page displaying the options.<br />
1 On the Firewall Rules policy page, click Predefined Rules.<br />
2 Select one or more predefined groups, or one or more predefined rules within a group.<br />
3 Click Add to Policy to add the selected groups and rules; click View to view details of a<br />
selected group or rule.<br />
4 Click Cancel to return to the Firewall Rules policy page.<br />
Managing Firewall client rules<br />
Use this task to analyze Firewall client rules created either automatically in adaptive or learn<br />
mode or manually for a group of clients, then determine which, if any, client rules to move to a<br />
Firewall Rules policy.<br />
NOTE:<br />
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0