Product guide

ManualsBrandsMcafee ManualsOtherFIREWALL 2.1-GETTING STARTED

Option Definition

Log Level

Specifies the logging level for the Endpoint Intelligence Agent. By default, this is

selected as Error. You can select other logging levels like Fatal, Error, Warn, and

Debug based on your need.

Log Numbers

Specifies the number of times the log files are rotated in the system. After this

limit, the log files are removed. For example, if the log number is 0, the old

versions are removed. The default value is 10.

Log Size

Specifies the limit of log file size in MB. Once the log files reach this log size,

they are rotated as per the Log Numbers. The maximum log file size is 2048 MB.

By default, this value is set to 10 MB.

Firewall Retry

Interval

[Error occurrence] Specifies the waiting time in milliseconds before retrying a

connection to the gateway. The maximum time limit is 5000 milliseconds. By

default, this value is set to 1000.

Firewall Recovery

Interval

[Recovery from a slow firewall connection] Specifies the time in milliseconds

prior to reducing the delay on sending packets to the firewall. The maximum

time limit is 60000 milliseconds. By default, this value is set to 3000

milliseconds.

Firewall Backoff

Percentage

[Slow firewall connection detected] Specifies the percentage increase in the

current delay period. This increases the amount of time Endpoint Intelligence

Agent gets to send connection information to firewall and for firewall to process

this connection information. The percentage range is 200 to 999. By default,

this value is set to 500.

Firewall Backoff

Maximum Interval

Specifies the amount of time to send and process the connection information.

The time range is 5 to 100 milliseconds. By default, this value is set to 10

milliseconds.

Enable Discovery

Specifies the firewall automatically discovers endpoints that have Endpoint

Intelligence Agent. By default, this checkbox is deselected.

DTLS Keep Alive

Specifies the intervals in seconds at which an endpoint sends acknowledgments

to the firewall.

• If the Enable Discovery of Agent by Firewall checkbox is deselected, the time range is

10 to 60 seconds. By default, this value is set to 20 seconds.

• If the Enable Discovery of Agent by Firewall checkbox is selected, the time range is 60

to 300 seconds. By default, this is set to 180 seconds.

Firewall Session

Expiry

Specifies the maximum amount of time in minutes for which the firewall session

exists. After this time, the session times out. The session time range is 10 to

300 minutes. By default, this value is set to 60 minutes.

Ignore Virtual Traffic

Specifies ignoring traffic from virtual adaptors. By default, this checkbox is

selected.

Reputation

Threshold

Specifies the reputation score below which an executable is considered

malicious. By default, this value is set to Medium.

GTI Expiry

Specifies the time after which the GTI cache entries expire. By default, this

value is set to 3600 seconds.

MD5 Relaxation

Used to configure the speed at which MD5 calculation happens inside McAfee

EIA. Increasing the MD5 relaxation reduces the CPU used by McAfee EIA

processes, also slowing down the reputation computation. The MD5 Relaxation

is calculated in milliseconds. The default value is 20.

Configure Endpoint Intelligence Agent on Firewall Enterprise

Configure policy

Endpoint Intelligence Agent 2.1.0 Product Guide