McAfee® Host Intrusion Prevention 6.1 Product Guide | Host Intrusion Prevention Client |
| Windows client |
9
Blocked Hosts tab
Use the Blocked Hosts tab to monitor a list of blocked hosts (IP addresses) that is automatically created when Network IPS (NIPS) protection is enabled (see IPS Policy options on page 142). If Create Client Rules is selected in the IPS Options policy in the ePolicy Orchestrator console, you can add to and edit the list of blocked hosts.
Figure 9-11 Blocked Hosts tab
Blocked Hosts list
You can view and edit the list of blocked addresses. Edits include adding, removing, editing blocked hosts, and viewing blocked host details.
The blocked hosts list shows all hosts currently blocked by Host Intrusion Prevention. Each line represents a single host. You can get more information on individual hosts by reading the information in each column.
Column | What it shows |
|
|
Source | The IP address that Host Intrusion Prevention is blocking. |
|
|
Blocked Reason | An explanation of why Host Intrusion Prevention is blocking |
| this address. |
| If Host Intrusion Prevention added this address to the list |
| because of an attempted attack on your system, this column |
| describes the type of attack. |
| If Host Intrusion Prevention added this address because one |
| of its firewall rules used the Treat rule match as intrusion |
| option, this column lists the name of the relevant firewall rule. |
| If you added this address manually, this column lists only the |
| IP address that you blocked. |
|
|