
Connection isolation on the corporate network
Connection rules are processed until the Connection-Aware Group with corporate LAN connection
rules is encountered. This CAG contains these settings:
• Connection type=LAN
• DNS suffix=mycompany.com
• Isolate this Connection=yes
The computer has both LAN and wireless network adapters and connects to the corporate
network with a wired connection, but the wireless interface is still active, so it connects to a
hotspot outside the office. The computer connects to both networks because the rules for basic
access are at the top of the firewall rules list. The wired LAN connection is active and meets
the criteria of the corporate LAN CAG. The firewall processes the traffic through the LAN but
because connection isolation is enabled, all other traffic not through the LAN is blocked.
Connection isolation at a hotel
Connection rules are processed until the Connection-Aware Group with VPN connection rules
is encountered. This CAG contains these settings:
• Connection type=Any
• DNS suffix=vpn.mycompany.com
• IP Address=an address in a range specific to the VPN concentrator
• Isolate this Connection=yes
General connection rules allow the set-up of a timed account at the hotel to gain internet access.
The VPN connection rules allow connection and use of the VPN tunnel. After the tunnel is
established, the VPN client creates a virtual adapter that matches the criteria of the VPN CAG.
The only traffic the firewall allows is inside the VPN tunnel and the basic traffic on the actual
adapter. Attempts by other hotel guests to access the computer over the network, either wired
or wireless, are blocked.
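The two scenarios above follow one rule: CAGs are evaluated in order against the active adapters, the first match wins, and an isolating CAG confines all traffic except the basic-access traffic to the matched adapter. The following is an added illustration written for this page, not McAfee code and not the product's rule format; the dataclasses, the `basic` flag (standing in for the general access rules at the top of the rule list) and the sample adapters and addresses are assumptions constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

# Simplified model of a Connection-Aware Group (assumed for this example).
@dataclass(frozen=True)
class ConnectionAwareGroup:
    name: str
    connection_type: str              # "LAN", "Wireless" or "Any"
    dns_suffix: Optional[str] = None  # e.g. "mycompany.com"; None = any suffix
    ip_range: Optional[str] = None    # CIDR the adapter address must fall in; None = any
    isolate: bool = False             # "Isolate this Connection=yes"

# One network adapter as the host currently sees it (assumed model).
@dataclass(frozen=True)
class Adapter:
    name: str
    connection_type: str
    dns_suffix: str
    ip: str
    active: bool = True

def adapter_matches(cag: ConnectionAwareGroup, adapter: Adapter) -> bool:
    """True when the active adapter satisfies every criterion the CAG specifies."""
    if not adapter.active:
        return False
    if cag.connection_type != "Any" and cag.connection_type != adapter.connection_type:
        return False
    if cag.dns_suffix and adapter.dns_suffix.lower() != cag.dns_suffix.lower():
        return False
    if cag.ip_range and ip_address(adapter.ip) not in ip_network(cag.ip_range):
        return False
    return True

def first_matching_cag(cags: List[ConnectionAwareGroup],
                       adapters: List[Adapter]) -> Tuple[Optional[ConnectionAwareGroup], Optional[Adapter]]:
    """Rules are processed in list order until a CAG matches an active adapter."""
    for cag in cags:
        for adapter in adapters:
            if adapter_matches(cag, adapter):
                return cag, adapter
    return None, None

def decide(cags: List[ConnectionAwareGroup], adapters: List[Adapter],
           via_adapter: str, basic: bool) -> str:
    """Return "allow" or "block" for traffic carried on via_adapter.

    basic=True marks traffic covered by the general access rules at the top of the rule
    list (e.g. obtaining an address or reaching a hotel captive portal); those rules run
    before the CAGs, so such traffic is allowed on every adapter. Everything else is
    confined to the matched adapter once an isolating CAG is in effect."""
    if basic:
        return "allow"
    cag, isolated = first_matching_cag(cags, adapters)
    if cag is not None and cag.isolate and via_adapter != isolated.name:
        return "block"
    return "allow"

# Constructed policy: the two CAGs described on this page, in evaluation order.
POLICY = [
    ConnectionAwareGroup("Corporate LAN", "LAN", dns_suffix="mycompany.com", isolate=True),
    ConnectionAwareGroup("VPN", "Any", dns_suffix="vpn.mycompany.com",
                         ip_range="10.200.0.0/16", isolate=True),
]

# Constructed adapters for the office scenario: wired on the corporate LAN, wireless on a hotspot.
OFFICE = [
    Adapter("wired", "LAN", "mycompany.com", "192.168.10.25"),
    Adapter("wireless", "Wireless", "hotspot.example", "172.16.5.4"),
]

# Constructed adapters for the hotel scenario, before and after the VPN tunnel comes up.
HOTEL_NO_TUNNEL = [Adapter("wireless", "Wireless", "hotel.example", "10.1.2.3")]
HOTEL_TUNNEL = HOTEL_NO_TUNNEL + [Adapter("vpn0", "Virtual", "vpn.mycompany.com", "10.200.3.7")]

if __name__ == "__main__":
    print("office, wireless, non-basic:", decide(POLICY, OFFICE, "wireless", basic=False))
    print("hotel without tunnel, wireless:", decide(POLICY, HOTEL_NO_TUNNEL, "wireless", basic=False))
    print("hotel with tunnel, wireless:", decide(POLICY, HOTEL_TUNNEL, "wireless", basic=False))
```

Running it reproduces both walkthroughs: in the office the wired adapter matches the corporate LAN CAG and non-basic traffic over the hotspot is blocked; at the hotel nothing matches until the virtual adapter appears, so the general rules let the timed account be set up, and once the tunnel is established only the tunnel and basic traffic on the physical adapter get through.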
How learn and adaptive modes affect the firewall
When you enable the firewall, Host Intrusion Prevention continually monitors the network traffic
that a computer sends and receives. It allows or blocks traffic based on the Firewall Rules policy.
If the traffic cannot be matched against an existing rule, it is automatically blocked unless the
firewall is operating in learn mode or adaptive mode.
In learn mode, Host Intrusion Prevention displays a learn mode alert when it intercepts unknown
network traffic. This alert prompts the user to allow or block any traffic that does not match an
existing rule, and automatically creates corresponding dynamic rules for the non-matching
traffic. You can enable learn mode for incoming communication only, for outgoing communication
only, or both.
In adaptive mode, Host Intrusion Prevention automatically allows any traffic that does not
match an existing block rule and creates a dynamic allow rule for that non-matching
traffic.
For security reasons, when learn mode or adaptive mode is applied, incoming pings are
blocked unless an explicit allow rule is created for incoming ICMP traffic. In addition, incoming
traffic to a port that is not open on the host is blocked unless an explicit allow rule is
created for the traffic. For example, if the host has not started the telnet service, incoming TCP
traffic to port 23 (telnet) is blocked even when there is no explicit rule to block this traffic. You
can create an explicit allow rule for any desired traffic.
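The decision order described in this section (existing rule first, then the mode, then the ping and closed-port exceptions) is easy to get wrong when reading it as prose, so here is an added, simplified model of it. This is example code written for this page, not the product's implementation; the rule and packet dataclasses, the `open_ports` set standing in for the host's listening services, and the `user_choice` argument standing in for the learn mode alert are all assumptions.

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set

# A firewall rule in a simplified form (assumed model, not the product's rule format).
@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "block"
    direction: str        # "in" or "out"
    protocol: str         # "tcp", "udp" or "icmp"
    port: Optional[int]   # None = any port (ICMP carries no port)

# A single intercepted packet, reduced to the fields the rules look at.
@dataclass(frozen=True)
class Packet:
    direction: str
    protocol: str
    port: Optional[int] = None

class Firewall:
    def __init__(self, static_rules: Iterable[Rule], mode: str = "normal",
                 open_ports: Iterable[int] = (), learn_directions: Iterable[str] = ("in", "out")):
        self.static_rules: List[Rule] = list(static_rules)   # the Firewall Rules policy
        self.dynamic_rules: List[Rule] = []                  # created by learn/adaptive mode
        self.mode = mode                                     # "normal", "learn" or "adaptive"
        self.open_ports: Set[int] = set(open_ports)          # ports a local service listens on
        self.learn_directions = set(learn_directions)        # learn mode: in only, out only, or both

    def _match(self, pkt: Packet) -> Optional[Rule]:
        """First static or dynamic rule that covers the packet, or None."""
        for rule in self.static_rules + self.dynamic_rules:
            if (rule.direction == pkt.direction and rule.protocol == pkt.protocol
                    and (rule.port is None or rule.port == pkt.port)):
                return rule
        return None

    def _always_blocked_unless_explicit(self, pkt: Packet) -> bool:
        """Incoming pings, and incoming traffic to a port no service has opened, stay
        blocked under learn/adaptive mode unless an explicit allow rule exists
        (an explicit rule would already have matched in decide())."""
        if pkt.direction != "in":
            return False
        if pkt.protocol == "icmp":
            return True
        return pkt.port not in self.open_ports

    def decide(self, pkt: Packet, user_choice: Optional[str] = None) -> str:
        """Return "allow" or "block" and record any dynamic rule the mode creates."""
        rule = self._match(pkt)
        if rule is not None:
            return rule.action                     # policy rule (static or dynamic) wins
        if self.mode == "normal":
            return "block"                         # unmatched traffic is blocked
        if self._always_blocked_unless_explicit(pkt):
            return "block"                         # no rule is created for this
        if self.mode == "adaptive":
            action = "allow"
        elif self.mode == "learn" and pkt.direction in self.learn_directions:
            if user_choice not in ("allow", "block"):
                return "block"                     # assumption: unanswered alert blocks, no rule
            action = user_choice
        else:
            return "block"                         # learn mode not enabled for this direction
        self.dynamic_rules.append(Rule(action, pkt.direction, pkt.protocol, pkt.port))
        return action

if __name__ == "__main__":
    # Constructed host: a web server is listening, telnet was never started.
    fw = Firewall([Rule("block", "in", "tcp", 445)], mode="adaptive", open_ports={80})
    print("inbound 80:", fw.decide(Packet("in", "tcp", 80)))
    print("inbound 23:", fw.decide(Packet("in", "tcp", 23)))
    print("inbound ping:", fw.decide(Packet("in", "icmp")))
    print("dynamic rules:", fw.dynamic_rules)
```

The point a defender should take from running it is that adaptive mode is not a blanket allow: the static block rule still wins, port 23 stays blocked because nothing listens there, and the ping is dropped until an explicit allow rule for incoming ICMP is added to the policy.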
Configuring Firewall Policies
Overview of Firewall policies
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0 (page 54)