Manualshelf

Product guide

ManualsBrandsMcAfee ManualsComputer equipmentFIREWALL 2.10
41424344454647484950
Recommended application protection configuration
Add basic rules to allow or block certain applications based on the checklist prepared earlier. During
this stage, do not add any rules for restricted network access or advanced rules for certain
binaries.
Verify and make sure that no third-party application protection and firewall products are installed
on the systems that are being used in the test environment.
Notify users that they are receiving new protection and provide solution steps wherever required.
Add rules for Apple-specific applications and binaries to block their execution and network access.
Reapply the rules, whenever the application is updated or upgraded in standalone mode. When the
system is managed by ePolicy Orchestrator, rules are automatically re-applied when the next policy
enforcement occurs.
While adding rules for applications that are dependent on binaries in different folders, also add
rules for dependent binaries.
Desktop firewall
The desktop firewall component provides a scalable solution to protect your Mac from unauthorized
network traffic.
The firewall comes with a stateful engine that provides flexibility in defining allowed network traffic for
your Mac. You can define rules based on various traffic parameters and group them for easier
management.
Here is the list of features of desktop firewall protection:
Stateful filtering — The stateful filtering and network packet inspection validate each packet for
different connections against predefined rules, holding the connection attributes in memory from
beginning-to-end.
Regular mode — When the network packet adheres to a rule’s condition, the associated action
defined in the rule is executed. If no matching rule is found, the network packet is blocked.
Adaptive mode — When the network packet matches a rule’s conditions, the associated action
defined in the rule is executed. If no matching rule is found, the network packet is allowed and a
rule is created to allow similar packets later. Use this option to fine tune your firewall rules.
In both these modes, the status of the TCP/UDP/ICMP connection is tracked to identify whether the
incoming packet is part of the existing connection.
New rules and grouping rules — You can create rules and group them for easier management.
DNS blocking — Blocks access to unwanted domains.
Location awareness — Creates separate rules for locations, such as office or home network.
Configuring protection preferences on a standalone Mac
Desktop firewall
4
McAfee Endpoint Protection for Mac 2.1.0 Product Guide
43