Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
Host Intrusion Prevention 7.0.0 for ePO 4.0 Product Guide - McAfee
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Configuring Firewall Policies<br />
Working with Firewall Rules policies<br />
Access to Firewall Client Rules on the <strong>Host</strong> IPS tab under Reporting requires additional<br />
permissions other than that <strong>for</strong> <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> Firewall, including view permissions<br />
<strong>for</strong> Event Log, Systems, and System Tree access.<br />
Task<br />
For option definitions, click ? on the page displaying the options.<br />
1 Go to Reporting | <strong>Host</strong> IPS | Firewall Client Rules.<br />
Figure 22: Firewall Client Rules<br />
2 Select the group in the System Tree <strong>for</strong> which you want to display client rules.<br />
3 Determine how you want to view the list of client rules:<br />
To...<br />
Select columns to display<br />
Sort by a column<br />
Filter <strong>for</strong> groups<br />
Filter <strong>for</strong> creation time<br />
Filter <strong>for</strong> searched text<br />
Aggregate rules<br />
Do this...<br />
Select Choose Columns from the Options menu. In<br />
the Select Columns page, add, remove, or reorder the<br />
columns <strong>for</strong> the display.<br />
Click the column header.<br />
From the Filter menu select This Group Only or This<br />
Group and All Subgroups.<br />
Select the time the rule was created: None, Since, or<br />
Between. When selecting Since, enter a beginning date;<br />
when selecting Between, enter both a beginning and<br />
ending date. Click Clear to remove filter settings.<br />
Type the process path, process name, user name,<br />
computer name, or signature ID to filter on. Click Clear<br />
to remove filter settings.<br />
Click Aggregate, select the criteria on which to<br />
aggregate rules., then click OK. Click Clear to remove<br />
aggregation settings.<br />
4 To move rules to a policy, select one or more in the list, click Create Firewall Rule, then<br />
indicate the policy to which to move the rules.<br />
<strong>McAfee</strong> <strong>Host</strong> <strong>Intrusion</strong> <strong>Prevention</strong> 7.0 <strong>Product</strong> <strong>Guide</strong> <strong>for</strong> use with ePolicy Orchestrator <strong>4.0</strong><br />
63