cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
blewis
Level 9
Report Inappropriate Content
Message 1 of 4
‎02-26-2021 06:42 AM

Can the ENS Firewall block or allow printing based on location?

Jump to solution

We currently use the McAfee ENS Firewall, and I was asked to find out if it is possible to use the Firewall to allow printing when users are on our internal network, but block them from printing to home printers when they are working remotely.  

Thank you in advance for your help.

 

McAfee Endpoint Security 

McAfee Endpoint Security
McAfee
McAfee Endpoint Security
McAfee Enterprise Products
View in Store
0 Kudos
Reply
2 Solutions

Accepted Solutions
Dayananda
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4
‎02-26-2021 10:30 AM

Re: Can the ENS Firewall block or allow printing based on location?

Jump to solution

Hello,

 

Thank you for reaching out to the Mcafee community.

 

Yes, you can try to use the feature called "Location awareness group" and setup criteria and test it.

You should be knowing which ports and which protocol has been used to do the printing.

 

Refer to the below link for more ideas.

https://docs.mcafee.com/bundle/endpoint-security-10.6.0-firewall-client-product-guide-windows/page/G...

 

I hope this helps, let us know if you have any questions.

 

 

 

Regards,
Daya

View solution in original post

Reply
ktankink
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4
‎03-01-2021 02:26 PM

Re: Can the ENS Firewall block or allow printing based on location?

Jump to solution

Just to add a bit to the conversation here:

  • ENS Firewall does not have any specific functionality to allow/block printers based on location.
  • Printers can be setup with various configurations and this is likely going to be a factor in deciding IF and HOW a firewall can be configured to allow/block printing:
    • Is this a network-mapped or network-shared printer off another system or print server?
    • Is this a local printer?
    • Is the local printer setup to print via network IP address (e.g., wireless)?
    • Is the local printer setup by non-network connection (USB or older connections)
  • If printing over a network connection:
    • what process(es) does it use?  Svchost.exe, Windows SYSTEM process, or vendor-specific processes?
    • What network IP addresses and port numbers does it use?

These are just a few questions that I can think of, but you may be able to configure the Firewall to allow/block based on network-shared printers, but you'd need to get the fine details on how the system is connecting to the printer and see if firewall rules can be used to control that type of traffic.  ENS Firewall's Core Networking rules may be part of some of that "default allowed" network traffic that printing might use, such as the "Allow outbound system applications" or "Allow outbound stock applications" rules.; ref https://kc.mcafee.com/corporate/index?page=content&id=KB91206.

View solution in original post

Reply
3 Replies
Dayananda
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4
‎02-26-2021 10:30 AM

Re: Can the ENS Firewall block or allow printing based on location?

Jump to solution

Hello,

 

Thank you for reaching out to the Mcafee community.

 

Yes, you can try to use the feature called "Location awareness group" and setup criteria and test it.

You should be knowing which ports and which protocol has been used to do the printing.

 

Refer to the below link for more ideas.

https://docs.mcafee.com/bundle/endpoint-security-10.6.0-firewall-client-product-guide-windows/page/G...

 

I hope this helps, let us know if you have any questions.

 

 

 

Regards,
Daya

View solution in original post

Reply
blewis
Level 9
Report Inappropriate Content
Message 3 of 4
‎03-01-2021 12:25 PM

Re: Can the ENS Firewall block or allow printing based on location?

Jump to solution
Thank you!
0 Kudos
Reply
ktankink
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4
‎03-01-2021 02:26 PM

Re: Can the ENS Firewall block or allow printing based on location?

Jump to solution

Just to add a bit to the conversation here:

  • ENS Firewall does not have any specific functionality to allow/block printers based on location.
  • Printers can be setup with various configurations and this is likely going to be a factor in deciding IF and HOW a firewall can be configured to allow/block printing:
    • Is this a network-mapped or network-shared printer off another system or print server?
    • Is this a local printer?
    • Is the local printer setup to print via network IP address (e.g., wireless)?
    • Is the local printer setup by non-network connection (USB or older connections)
  • If printing over a network connection:
    • what process(es) does it use?  Svchost.exe, Windows SYSTEM process, or vendor-specific processes?
    • What network IP addresses and port numbers does it use?

These are just a few questions that I can think of, but you may be able to configure the Firewall to allow/block based on network-shared printers, but you'd need to get the fine details on how the system is connecting to the printer and see if firewall rules can be used to control that type of traffic.  ENS Firewall's Core Networking rules may be part of some of that "default allowed" network traffic that printing might use, such as the "Allow outbound system applications" or "Allow outbound stock applications" rules.; ref https://kc.mcafee.com/corporate/index?page=content&id=KB91206.

View solution in original post

Reply
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community


Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA

Consumer Support   |   Enterprise Support   |   McAfee.com

Legal   |   Privacy   |   Copyright © 2020 McAfee, LLC