Manualshelf

Setup guide

ManualsBrandsMcafee ManualsOtherQUICKCLEAN 1.0
11121314151617181920
McAfee ePO
Advanced Suite Installer Product Guide
McAfee ePO
Advanced Suite Installer Page 15
• On the line that lists IPS Rules, click Edit Assignment.
• For Inherit from, select Break inheritance and assign the policy and settings below.
• From the Assigned Policy drop-down menu, select EASI - VMware exception policy.
• Click Save. The policy is now assigned to that group and all its subgroups.
4 Repeat the above steps for your Laptops group.
Host IPS Firewall
The firewall is stateful and offers location awareness and other advanced features, including IP reputation
filtering, part of McAfee’s Global Threat Intelligence (GTI). The Host IPS Firewall uses GTI to protect
endpoints from botnets, distributed denial-of-service (DDoS) attacks, command and control activity,
advanced persistent threats, and risky web connections.
McAfee collects data from billions of IP addresses and network ports, and calculates a reputation score
based on network traffic, including port, destination, protocol, and inbound and outbound connection
requests. The score reflects the likelihood that a network connection poses a threat, such as a connection
associated with botnet control.
Coupling a single firewall rule with a GTI-only policy lets you immediately receive the benefit of cloud
intelligence on known botnets and command and control centers. This is achieved with little effort,
minimal overhead, and no interference with your existing host or network firewall rules.
Enabling the Firewall
Follow these steps to assign a policy that simply enables the firewall and sets the sensitivity level for GTI
at Medium risk or higher. At this point, no firewall ruleset is active or assigned.
1 Click the System Tree button on the favorites bar.
2 Highlight the Workstations group.
3 Click the Assigned Policies tab.
• From the Product drop-down menu, select Host Intrusion Prevention 8.0: Firewall.
• On the line that lists Firewall Options, click Edit Assignment.
• For Inherit from, select Break inheritance and assign the policy and settings below.
• From the Assigned Policy drop-down menu, select EASI Enable FW and GTI.
• Click Save. The policy is now assigned to that group and all its subgroups.
4 Repeat the above steps for your Laptops group.
Configuring the GTI–Only Ruleset
The steps below assign a policy that allows all traffic, but uses GTI to perform lookups of IP reputations
and block connections to\from any posing a threat.
1 Click the System Tree button on the favorites bar.
2 Highlight the Workstations group.
3 Click the Assigned Policies tab.
• From the Product drop-down menu, select Host Intrusion Prevention 8.0: Firewall.
• On the line that lists Firewall Rules, click Edit Assignment.
• For Inherit from, select Break inheritance and assign the policy and settings below.
• From the Assigned Policy drop-down menu, select EASI GTI Only.
Click Save. The policy is now assigned to that group and all its subgroups.
4 Repeat the above steps for your Laptops group.
Answers to many common questions can be found in the
FAQ for Host Intrusion Prevention 8.0.