McAfee® Host Intrusion Prevention 6.1 Product Guide

Firewall Policies

 

Configuring the Firewall Rules policy

5

Select this

For this protection...

policy...

 

Minimal (Default)

Learning Starter

Client Medium

Client High

„Blocks any incoming ICMP traffic that an attacker could use to gather information about your computer. Host Intrusion Prevention allows all other ICMP traffic.

„Allows Windows file sharing requests from computers in the

same subnet, and blocks file sharing requests from anyone else. (The Trusted Networks policy must have Include Local Subnet Automatically selected.)

„Allows you to browse Windows domains, workgroups, and computers.

„Allows all high incoming and outgoing UDP traffic.

„Allows traffic that uses BOOTP, DNS, and Net Time UDP ports.

„Blocks incoming ICMP traffic that an attacker could use to gather information about your computer. Host Intrusion Prevention allows all other ICMP traffic.

„Allows Windows file sharing requests from computers in the

same subnet, and blocks file sharing requests from anyone else. (The Trusted Networks policy must have Include Local Subnet Automatically selected.)

„Allows you to browse Windows domains, workgroups, and computers.

„Allows traffic that uses BOOTP, DNS, and Net Time UDP ports.

„Allows only ICMP traffic needed for IP networking (including outgoing pings, trace routes, and incoming ICMP messages). Host Intrusion Prevention blocks all other ICMP traffic.

„Allows UDP traffic necessary for accessing IP information (such as your own IP address, or the network time). This protection level also allows traffic on high UDP ports (1024 or higher).

„Allows Windows file sharing, but only for a local subnet. You cannot browse outside your local subnet, and this protection blocks anyone outside your subnet from accessing files on

your computer. (The Trusted Networks policy must have

Include Local Subnet Automatically selected.)

Use this protection level if you are under attack or at high risk of an attack. This protection level allows only minimal traffic in and out of your system.

„Allows only ICMP traffic necessary for proper networking. This protection blocks both incoming and outgoing pings.

„Allows only UDP traffic necessary for accessing IP information (such as your own IP address or the network time).

„Blocks Windows file sharing.

82

Page 81 Page 83
Page 82
Image 82
McAfee 6.1 manual Include Local Subnet Automatically selected
Page 81 Page 83
Top Page Image Contents