cancel
Showing results for 
Search instead for 
Did you mean: 
msimard
Level 8

preventing virtual machine from going to the internet

Hi all, i'm trying to block a virtual machine from accessing only the internal network. The host on the other hand can go to the internet with the rules already in place in hips.

Is there a way to do this ? I've seen some stuff about blocking for a process ( vmware-vmx.exe ) but the result is not clear since in the thread there is no definite anwser.

thanks.

0 Kudos
4 Replies
McAfee Employee

Re: preventing virtual machine from going to the internet

HIPS 8.0 has the ability to define Source and Destination in Firewall rules.  You could try BLOCK OUTGOING firewall rule IF the source (local) IP is <Virtual Machine IP address>.

0 Kudos
msimard
Level 8

Re: preventing virtual machine from going to the internet

Could be done, but since we dont know wich ip addr. the VM are going to get.... The only thing we control is the host. I've try filtering bt process, but it does not seem to work. I'm using HIPS 7 and the VM are in bridge mode. Should i try with HIPS 8 ?

0 Kudos
McAfee Employee

Re: preventing virtual machine from going to the internet

HIPS 7.0 does not support VM Bridge mode.  HISP 8.0 does.  Yes, I would try HIPS 8.0.

KB59766 - Support statement for Host Intrusion Prevention 7.0 and VMware

0 Kudos
msimard
Level 8

Re: preventing virtual machine from going to the internet

im trying now with hips 8, but it does not seem to " catch " the rule where it is specified that only a process ( vmware-vmx.exe ) cannot go out.

I'm testing with iexplore.exe, to block this process from going out on the internet and only to local subnet, but it does not work either.

I'll open a ticket with support....

thanks anyway

0 Kudos