Hopefully an easy one for you pros. I'm a newb just learning ENS and want to put an exclusion on the clients to allow traffic from one server (SCCM box).
I can't really figure out how to do this on the ePO server in the rules section.
Any tips or pointers, please.
Thanks
Our product guide on pg. 137 covers this: https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26799/en_US/...
but short answer:
Name: Whatever you want
Status: Enable
Action: Allow
Direction: Either or In (depending if you want to allow return or out or not)
Notes: N/A
Network Protocol: Select your protocol (Any, IPv4 or IPv6)
Connection type: Keep all three selected unless you want to control wireless/wired connections only
Specify networks: This is where you need to specify what IP address is allowed. Is it internal or external? (Example: 192 would be internal, 66.xxx is an external network.)
Transport: All protocols
Then click save.
Then on the Firewall Rules List make sure your rule is above anything that is set to block. (firewall rules work top down on the list).
Let me know if you have questions or please send me screen shots.
McAfee Support
Benjamin Ellis
Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?
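The rule-order point in the reply above ("firewall rules work top down on the list"), as an added example that is not part of the original thread and not McAfee code: a first-match evaluator plus a check for allow rules that sit below a block rule covering them. The `Rule` fields are a simplified model rather than the ENS policy format, the default-block fallback is an assumption, and 192.0.2.10 is a constructed stand-in for the SCCM server.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:  # simplified model of a rule, not the ENS policy format
    name: str
    action: str     # "allow" or "block"
    direction: str  # "in", "out" or "either"
    network: str    # single address, CIDR, or "any"

def _net(rule):
    return None if rule.network == "any" else ipaddress.ip_network(rule.network, strict=False)

def evaluate(rules, direction, remote_ip):
    """First match wins, top down; returns (action, rule name)."""
    addr = ipaddress.ip_address(remote_ip)
    for r in rules:
        net = _net(r)
        if r.direction in ("either", direction) and (net is None or addr in net):
            return r.action, r.name
    return "block", "(no match)"  # assumption: unmatched traffic is dropped

def covers(outer, inner):
    """True if every connection matching `inner` also matches `outer`."""
    if outer.direction not in ("either", inner.direction):
        return False
    o, i = _net(outer), _net(inner)
    if o is None or i is None:
        return o is None
    return o.version == i.version and i.subnet_of(o)

def shadowed_allows(rules):
    """Allow rules that never fire because an earlier block rule covers them."""
    hits = []
    for idx, rule in enumerate(rules):
        if rule.action == "allow":
            blocker = next((e for e in rules[:idx]
                            if e.action == "block" and covers(e, rule)), None)
            if blocker:
                hits.append((rule.name, blocker.name))
    return hits

# Constructed sample lists; 192.0.2.10 stands in for the SCCM server.
BLOCK_ALL = Rule("Block all inbound", "block", "in", "any")
ALLOW_SCCM = Rule("Allow SCCM server", "allow", "in", "192.0.2.10")
MISORDERED = [BLOCK_ALL, ALLOW_SCCM]
ORDERED = [ALLOW_SCCM, BLOCK_ALL]

if __name__ == "__main__":
    for name, rules in (("misordered", MISORDERED), ("ordered", ORDERED)):
        print(name, evaluate(rules, "in", "192.0.2.10"), shadowed_allows(rules))
```

Scoping the allow rule to the single server address rather than a whole range keeps the exception as narrow as the original question asks for.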
That shows how to do it on the Client - here's how to do it in ePO:
Hope this helps!
@BenEllis wrote: Our product guide on pg. 137 covers this: https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26799/en_US/...
but short answer:
- Go into EPO
- Go into Policy Catalog
- Select Endpoint Security Firewall under product at the top
- Select/Create your firewall Rules policy
- Create add rule
Name: Whatever you want
Status: Enable
Action: Allow
Direction: Either or In (depending if you want to allow return or out or not)
Notes: N/A
Network Protocol: Select your protocol (Any, IPv4 or IPv6)
Connection type: Keep all three selected unless you want to control wireless/wired connections only
Specify networks: This is where you need to specify what IP address is allowed. Is it internal or external? (Example: 192 would be internal, 66.xxx is an external network.)
Transport: All protocols
Then click save.
Then on the Firewall Rules List make sure your rule is above anything that is set to block. (firewall rules work top down on the list).
Let me know if you have questions or please send me screen shots.
Additionally, if you edit the ENS Firewall Options policy and add it as a Trusted IP address in the Defined Networks section, the Firewall will allow all traffic to/from that IP address without the need for a specific firewall rule (e.g., an implicit trust for that IP address).
If you're wanting to allow only certain traffic to/from that IP address, then use a Firewall rule as Ben mentioned above.
Which one was useless? The steps I gave you were from the Firewall Policy in ePO directly.
Did it not work for you? Did you make sure your rule was at the top of the list?
McAfee Support
Benjamin Ellis
Can you show us how your rule is set up? Is it at the top of the list?
McAfee Support
Benjamin Ellis
Hi there, can someone please help in unblocking our Cisco AnyConnect VPN? We're having an issue at this moment, as most of the users are working remotely, which requires VPN to have access to our network. The problem is when the laptop gets Quarantined (IPv6 Blocking, then All IP Blocking, is the sequence of the Firewall Rules). What happens is, when the infected users get those Blocking policies via automatic response, we can no longer bring their machine out of Quarantine, as the blocking policy stays the same because the VPN is not reconnecting, and it results in the McAfee Agent failing to communicate with the ePO server. Any suggestions would be a great help!