Product guide

Allow outgoing for POP3, IMAP, SMTP
Allow outgoing for RDP
Allow outgoing for LDAP
Allow bi-directional for AFP/SMB, if you are using file sharing
Best practices for desktop firewall
We recommend that you configure these firewall rules that protect your system in line with your
organizational requirements.
McAfee Endpoint Protection for Mac is shipped with a set of default firewall rules. We recommend
that you use them as a starting point, and modify them according to your organizational
requirements.
If your organization does not have a firewall policy or if this is the first time your organization uses
a firewall policy, we recommend that you use the default corporate policy. Afterward, you can use
Adaptive mode for further fine-tuning.
We strongly recommend that you do not run Adaptive mode in production.
Remember that Adaptive mode must be used to fine-tune the firewall rule sets, so run Adaptive
mode only for a short duration to identify the organizational requirements.
Define Trusted Networks so that you can reuse them within rules.
Configure the DNS blocking feature to block the known unwanted domains.
Enable the FTP inspection.
Always use firewall rule groups to organize the rules in an efficient way.
Make rules as specific as possible.
For example, to allow access to a particular website, provide the name or IP address, with the port
number.
Place more specific rules at the top of the rule set and generic ones toward the end.
For example, to give access to a particular website for all Mac users in the organization except one
system, create a specific deny rule to block the website on that particular system first.
Because the desktop firewall validates rules using a top-down approach, we recommend that you
always revisit the rules completely to avoid loopholes.
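The top-down ordering advice above, as an added example that is not part of the product guide and does not use McAfee's rule format: a generic first-match evaluator plus a check that flags rules made unreachable by an earlier, broader rule. The Rule fields, rule names and addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:  # hypothetical generic model, not the product's rule schema
    name: str
    action: str            # "allow" or "deny"
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    port: Optional[int]    # None matches any port

def matches(rule, src, dst, port):
    return (ip_address(src) in ip_network(rule.src)
            and ip_address(dst) in ip_network(rule.dst)
            and rule.port in (None, port))

def evaluate(rules, src, dst, port, default="deny"):
    """Top-down evaluation: the first matching rule decides."""
    for rule in rules:
        if matches(rule, src, dst, port):
            return rule.action, rule.name
    return default, None

def covers(earlier, later):
    """True when every connection matching `later` also matches `earlier`."""
    return (ip_network(later.src).subnet_of(ip_network(earlier.src))
            and ip_network(later.dst).subnet_of(ip_network(earlier.dst))
            and (earlier.port is None or earlier.port == later.port))

def shadowed(rules):
    """Return (rule, covering rule, actions_conflict) for rules that can never fire."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, later):
                findings.append((later.name, earlier.name, earlier.action != later.action))
                break
    return findings

# Constructed sample: one website allowed for the LAN, denied for a single Mac.
ALLOW_LAN = Rule("allow-site-lan", "allow", "192.168.10.0/24", "203.0.113.10/32", 443)
DENY_HOST = Rule("deny-site-host57", "deny", "192.168.10.57/32", "203.0.113.10/32", 443)
WRONG_ORDER = [ALLOW_LAN, DENY_HOST]   # generic rule first: the deny is a loophole
RIGHT_ORDER = [DENY_HOST, ALLOW_LAN]   # specific rule first, as recommended

if __name__ == "__main__":
    for label, rules in (("wrong", WRONG_ORDER), ("right", RIGHT_ORDER)):
        print(label, evaluate(rules, "192.168.10.57", "203.0.113.10", 443), shadowed(rules))
```

A shadowed rule whose action conflicts with the rule covering it is the case to review first, because the rule set does not enforce what that rule says.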
Configuring protection preferences on a standalone Mac
Desktop firewall
McAfee Endpoint Protection for Mac 2.1.0 Product Guide