cancel
Showing results for 
Search instead for 
Did you mean: 
robinma2000
Level 7

Newbie - HIPS, Firewall, Trusted Networks and LANDesk Remote Control

Jump to solution

Newbie here - don't hate me...

We are finding that LANDesk remote control is blocked by HIPS V8, we have also discovered that by overriding the local client and disabling the firewall LANDesk remote control does work.

We have compared how our previous HIP V7 clients were configured and we can see that two Trusted Networks have been added to the FIrewall configuration.

The question is this: If you add in a Trusted Network range does this imply that all Firewall rules do not apply to this trusted network, or is there an additional step/configuration that has to be done additonal to this?

Before we set off down the adaptive rules etc we really just want to stop the firewall being enabled if it is a known network.

0 Kudos
1 Solution

Accepted Solutions
dcobes
Level 9

Re: Newbie - HIPS, Firewall, Trusted Networks and LANDesk Remote Control

Jump to solution

That configuration will only help you for the IPS portion of HIPS, for the firewall portion you still need to make a rule that allows the traffic in/out for your application. The quickest way to test this (I say test because you should lock down the rule more, but that's up to you) is to

01 - create a new rule for EITHER direction

02 - Specifiy remote network as "TRUSTED" (this pulls from your trusted network policy; if you don't want all in your trusted network policy, then you can add the subnet ranges instead); you will more than likely need to specifiy a local network, as well (in this case probably "Local subnet")

03 - Any Protocol

04 - Save

05 - Push out new policy/perform wake-up

06 - Test application

If application works, I'd suggest adding the application executables to the application section of the firewall rule and only allowing the specific ports needed in the transport option section.

I quickyl created the test rule so you can see the final output:

Community_Answer.png

4 Replies
dcobes
Level 9

Re: Newbie - HIPS, Firewall, Trusted Networks and LANDesk Remote Control

Jump to solution

Are you adding the Trusted Networks to the Trusted Network Policy or are you adding them within your firewall rule?

-d

0 Kudos
robinma2000
Level 7

Re: Newbie - HIPS, Firewall, Trusted Networks and LANDesk Remote Control

Jump to solution

This is how we have done it

Policy Catologue, Product = HIPs 8(general), Catergory = Trusted networks (windows)

Policy  - we renamed mydefault to name_policy

and we entered 172.26.0.0/16 and 172.24.0.0./16

and trusted both for IPS and enabled local subnets automatically

hope that makes sense

0 Kudos
dcobes
Level 9

Re: Newbie - HIPS, Firewall, Trusted Networks and LANDesk Remote Control

Jump to solution

That configuration will only help you for the IPS portion of HIPS, for the firewall portion you still need to make a rule that allows the traffic in/out for your application. The quickest way to test this (I say test because you should lock down the rule more, but that's up to you) is to

01 - create a new rule for EITHER direction

02 - Specifiy remote network as "TRUSTED" (this pulls from your trusted network policy; if you don't want all in your trusted network policy, then you can add the subnet ranges instead); you will more than likely need to specifiy a local network, as well (in this case probably "Local subnet")

03 - Any Protocol

04 - Save

05 - Push out new policy/perform wake-up

06 - Test application

If application works, I'd suggest adding the application executables to the application section of the firewall rule and only allowing the specific ports needed in the transport option section.

I quickyl created the test rule so you can see the final output:

Community_Answer.png

robinma2000
Level 7

Re: Newbie - HIPS, Firewall, Trusted Networks and LANDesk Remote Control

Jump to solution

Well done my friend - easy when you know how - you have cut short three days of bad language and tantrums!

No - seriously heartfelt thanks!

0 Kudos