cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Level 7
Report Inappropriate Content
Message 1 of 4

Application Defense Group and Profile

Jump to solution

Hi Everyone,

I was reading the MCafee Product guide.

IT says that there are 5 predefined Application Defense Groups and 5 Application Defense Profiles.

Also all 5 have same name in both Application Defense Group and Application Defense Profile.

Little confused are Application Defense Group and Profile is same thing?

Is Application defense group===application Defense profile?

Is there any difference between two?

Regards

Mike

1 Solution

Accepted Solutions
Highlighted
Level 14
Report Inappropriate Content
Message 2 of 4

Re: Application Defense Group and Profile

Jump to solution

Mike,

If you had worked with an earlier version of the product this can be a little confusing. As with your 'proxy' question, I suggest you have a look at Sam Liedl's document on how the various elements of v8 hang together.

In older versions of the product, the proxy/service definition included basic protocol settings and time-out values and if you then wanted to apply specific protocol-level tweaks (filtering out protocol commands and such like) you then created and applied an application defense to the rule.

With v8, the basic settings have been removed from the service definition - so if you create a service on TCP port 1234, that is all it is and nothing more. Now when you create the rule, you must apply an application defense group. An application defense group must include a "generic" defense entry (this is the basic timeout values) and can then include one or more protocol-specific application defenses. How these are configured makes all the difference on how traffic passing through that rule is handled and this is what Sam's document explains.

-Phil.

View solution in original post

3 Replies
Highlighted
Level 14
Report Inappropriate Content
Message 2 of 4

Re: Application Defense Group and Profile

Jump to solution

Mike,

If you had worked with an earlier version of the product this can be a little confusing. As with your 'proxy' question, I suggest you have a look at Sam Liedl's document on how the various elements of v8 hang together.

In older versions of the product, the proxy/service definition included basic protocol settings and time-out values and if you then wanted to apply specific protocol-level tweaks (filtering out protocol commands and such like) you then created and applied an application defense to the rule.

With v8, the basic settings have been removed from the service definition - so if you create a service on TCP port 1234, that is all it is and nothing more. Now when you create the rule, you must apply an application defense group. An application defense group must include a "generic" defense entry (this is the basic timeout values) and can then include one or more protocol-specific application defenses. How these are configured makes all the difference on how traffic passing through that rule is handled and this is what Sam's document explains.

-Phil.

View solution in original post

Highlighted
Level 14
Report Inappropriate Content
Message 3 of 4

Re: Application Defense Group and Profile

Jump to solution

Here is the document I have been referring to -

Highlighted
Level 7
Report Inappropriate Content
Message 4 of 4

Re: Application Defense Group and Profile

Jump to solution

Many thanks Phil i will have look.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community