cancel
Showing results for 
Search instead for 
Did you mean: 
kink80
Level 12

HIPS 8 Default "Block All Traffic" Firewall Rule

Jump to solution

I noticed after installing HIPS 8.0 that in the HIPS Client Console there is a rule listed on the bottom as "Block All Traffic". This rule is on every one of my polices migrated or not migrated, even on newly created rules. Is this rule supposed to be there? I cannot modify this rule at all through the Client Console or the EPO server policy catalog. In fact this rule does not even show up if I look in the Policy settings. Thanks in advance.

Message was edited by: kink80 on 1/6/11 2:04:09 PM GMT-06:00
0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: HIPS 8 Default "Block All Traffic" Firewall Rule

Jump to solution

Correct.  Any manually-created, learned or ePO policy rules will be above this Block All Traffic rule (basically, the rule has just been unhidden; it was always there before).

0 Kudos
7 Replies
McAfee Employee

Re: HIPS 8 Default "Block All Traffic" Firewall Rule

Jump to solution

Yes, this is the same "Block all traffic" rule that was in HIPS 7.0, however it was a hidden rule then.  In HIPS 8.0, the rule is now visible and if traffic is blocked by this rule, the rule name will be listed in the Activity log (instead of HIPS 7.0 the rule name would not be listed).

0 Kudos
kink80
Level 12

Re: HIPS 8 Default "Block All Traffic" Firewall Rule

Jump to solution

Thanks for the clarification. So all of my rules that are listed above this "Block All Traffic" rule will be evaluated prior to reaching this rule?

0 Kudos
McAfee Employee

Re: HIPS 8 Default "Block All Traffic" Firewall Rule

Jump to solution

Correct.  Any manually-created, learned or ePO policy rules will be above this Block All Traffic rule (basically, the rule has just been unhidden; it was always there before).

0 Kudos
kink80
Level 12

Re: HIPS 8 Default "Block All Traffic" Firewall Rule

Jump to solution

Thats what I wanted to hear. Thanks again!

0 Kudos
hemantk
Level 12

Re: HIPS 8 Default "Block All Traffic" Firewall Rule

Jump to solution

Hello Kary...

I have created Allow Loopback rule But still i'm getting Logs as Block All Traffic on HIPS client. Also i have added Trusted network.

The rule Allow Loopback is above the Block All Traffic rule, so the Allow loopback rule has to evaluated before Block All traffic Rule is it right ???..

But in my case it is not happening, as i'm getting Logs for Block All Traffic.

Need Help on this....

Thanks in advance.

0 Kudos
McAfee Employee

Re: HIPS 8 Default "Block All Traffic" Firewall Rule

Jump to solution

Any rules created in the firewall policy will be evaluated before the traffic is blocked by this inherited BLOCK ALL RULE.  Make sure that the traffic being blocked matches your new ALLOW firewall rule though.

If you are still seeing an issue, please open a Service Request with our Support team to have this reviewed further.

hemantk
Level 12

Re: HIPS 8 Default "Block All Traffic" Firewall Rule

Jump to solution

Thanks you so much Kary........

Actually the rule was not configured properly...

0 Kudos