tancredi
Level 7

McAfee Web Gateway and Whitelisting Unique Devices for file downloading

Hello,

I have a computer on my network that I want to allow the ability to download large files (patch files and software updates etc). All other computers on my network are not granted the ability to download anything.

Is it possible to whitelist a particular device, perhaps using its MAC address or something, to download particular types of files (.exe's etc)?

I would appreciate some advice.

Thanks

0 Kudos
6 Replies
asabban
Level 17

Re: McAfee Web Gateway and Whitelisting Unique Devices for file downloading

Hello,

the MAC address is not available within the policy.

You could configure your DHCP server (in case there is any) to give a specific IP address to the MAC address of this computer. Then in MWG you can use Client.IP to allow this specific client IP address.

Best,

Andre

0 Kudos
tancredi
Level 7

Re: McAfee Web Gateway and Whitelisting Unique Devices for file downloading

Thanks Andre. I will give that a try if possible. Much appreciated.

0 Kudos
Troja
Level 14

Re: McAfee Web Gateway and Whitelisting Unique Devices for file downloading

Hi all,

is there any new feature or information available? Today two customers want to build special policies for some clients.

The goal should be to assign a ruleset to clients located in a given Active Directory OU.

Any ideas?

Cheers,

Thorsten

0 Kudos
asabban
Level 17

Re: McAfee Web Gateway and Whitelisting Unique Devices for file downloading

Hello,

what does "clients located in a given Active Directory OU" mean?

Is there an OU in Active Directory and the computer objects are moved there like this:

[Screenshot: Auswahl_263.png]

Best,

Andre

0 Kudos
Troja
Level 14

Re: McAfee Web Gateway and Whitelisting Unique Devices for file downloading

Hi Andre,

yes, you are absolutely right. Endnodes in your OU "My TestComputers" should get a defined ruleset in MWG.

Best,

Thorsten

0 Kudos
asabban
Level 17

Re: McAfee Web Gateway and Whitelisting Unique Devices for file downloading

Hello,

okay, I think this should be possible, however I think there is much work left for you to do, but I think I can give some hints to get started.

To do this we need two pieces of information.

Information 1: Hostname

Usually it should be possible to get it with DNS.Lookup.Reverse(Client.IP). In a Windows environment the IP address should resolve to the computer name. If it does not, we won't be able to correctly access the hostname and you need to find a good way to get the computer name and send it to MWG somehow. Maybe this can be done with JavaScript.

I did a small test and for my (very simple) AD structure the DNS property returned "winxp-1.securelabs.local" as my hostname. With the split properties I was able to cut the ".securelabs.local" part, so I had the computer name as it is stored in AD in a user-defined property.

Information 2: Machines in OU

In my test all I did was resolve all computers from one OU and store their names into a list of strings. So basically I have a user-defined property (list of strings) which contains the computer names. For my screenshot above the list contained:

WINXP-1

WINXP-5

To get this list I used the external list feature:

[Screenshot: Auswahl_264.png]

So MWG talks to the AD via LDAP and retrieves the "CN"s of all objects in my OU "MyTestComputers". This is basically a simple list of all computer names. I have one rule which stores the result of the list lookup into a user-defined property with the type "list of string".

Now you have a user-defined property containing the hostname and another one that contains a list of all computers in "MyTestComputers". It should be fairly simple to apply rules based on those properties.

Best,

Andre

0 Kudos
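
The lookup-and-compare logic described in the reply above, sketched in Python as an added example (it is not part of the thread and is not MWG rule syntax). The forward-confirmation of the PTR result and the fail-closed handling are additions the post does not mention; the function names and the sample data are constructed.

```python
import socket

# Constructed sample data: CNs as an LDAP query on the OU might return them.
OU_COMPUTERS = ["WINXP-1", "WINXP-5"]
AD_DNS_SUFFIX = ".securelabs.local"


def computer_name_from_fqdn(fqdn, suffix=AD_DNS_SUFFIX):
    """Strip the AD DNS suffix; return None if the name is outside the domain."""
    name = fqdn.rstrip(".").lower()
    if not name.endswith(suffix):
        return None
    host = name[: -len(suffix)]
    # A remaining dot means a sub-domain label, not a bare computer name.
    return host.upper() if host and "." not in host else None


def client_in_ou(client_ip, ou_computers, reverse=None, forward=None):
    """Return the matched computer name, or None if the ruleset must not apply.

    reverse(ip) -> fqdn and forward(fqdn) -> list of IPs are injectable so the
    logic can be exercised offline; by default the system resolver is used.
    """
    reverse = reverse or (lambda ip: socket.gethostbyaddr(ip)[0])
    forward = forward or (lambda name: socket.gethostbyname_ex(name)[2])
    try:
        fqdn = reverse(client_ip)
        # Forward-confirm: the name must resolve back to the same IP, otherwise
        # a stale or wrong PTR record would hand out another machine's policy.
        if client_ip not in forward(fqdn):
            return None
    except OSError:
        return None  # no PTR or no A record: fail closed
    host = computer_name_from_fqdn(fqdn)
    allowed = {cn.upper() for cn in ou_computers}  # AD CNs are case-insensitive
    return host if host in allowed else None


if __name__ == "__main__":
    # Constructed resolver tables standing in for the AD-integrated DNS zone.
    ptr = {"10.0.0.11": "winxp-1.securelabs.local",
           "10.0.0.30": "winxp-1.securelabs.local"}  # second entry is stale
    a = {"winxp-1.securelabs.local": ["10.0.0.11"]}
    for ip in ("10.0.0.11", "10.0.0.30"):
        print(ip, client_in_ou(ip, OU_COMPUTERS, ptr.__getitem__, a.get))
```

A stale PTR record (common with DHCP churn) is the case most likely to misapply the ruleset, which is why the sketch treats a failed forward confirmation the same as a missing record.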