cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Level 10
Report Inappropriate Content
Message 1 of 4

Need suggestion

Hi,

In my current setup, we MWG doesnt allow downloads except for few sites to prevent users from downloading freewares due to compliance issues. Everytime we are adding the IP in GWL to make (software plugins, license activations etc) it work. Want to know if there is a easy way to achieve this. 

Thanks,

Sridhar

3 Replies
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: Need suggestion

Hello,

exceptions can be made based on much information such as Client/Destination IP, Application name (but this is really limited available, so not for every site) or per category (but this would allow directly multiple sites and seems not to be what you want).

So I think if you theoretically block anything and want to whitelist only specific sites/downloads, you unfortunately have to live with your way.

Another option would be to use client IP ranges or configure servers to use dedicated proxy port where you could create rules on MWG based on client IP (server IPs) or port range to allow servers to download all their updates etc. but as it tells, this would be client based and not destination based.

Regards,
Marcel Kutrieba
Technical Support Engineer
Highlighted
Level 10
Report Inappropriate Content
Message 3 of 4

Re: Need suggestion

thx for the response.

can you tell if we have a rule based on the client host names instead of IP's/usernames and will allow most of the categories. Will have a group in AD with computer accounts and will define in the rule. so the MWG has to authenticate against hostname, not sure if its possible or not. whenerver helpdesk needs an exception, they will add the hostname in AD.

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 4 of 4

Re: Need suggestion

Hello,

yes, there is a opportunity to get the hostname of a connecting client via this DNS property:
DNS.reverse.lookup(IP)

Please notice, your DNS/domain controller need to be properly configured in order to retrieve all client hostnames.
Also keep an eye on performance since this extra DNS traffic could further slow down entire connections if DNS is slow for example.

Regards,
Marcel Kutrieba
Technical Support Engineer
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community