3 Replies Latest reply on May 4, 2017 8:06 PM by johnmoe

    Firewall Port Rules Auto-Creation

    eperalta@dti.com.mx

      Hi, guys.

       

      I'm new in the community, and i have a question: How can i automatically create port rules on ENS10.5 Firewall from ePO?

       

      Example: If i have a DomainConroller or an Hiper-V Server the client firewall blocks the connection tries and the server seems down to the users. There is a way to automatically create the port rules on the firewall policy for each server separately?

        • 1. Re: Firewall Port Rules Auto-Creation
          johnmoe

          You'd need to define ENS Firewall Rules policies for as many different configurations as you want.  Then you need to assign the policies to your systems by System Group and/or policy assignment rules.

           

          And are you new to the community?  Or new to McAfee ePO as well?  If the latter, you'll want to spend some time reading some of the Product Guides for what you're using in your environment, especially the ePO guide.

          • 2. Re: Firewall Port Rules Auto-Creation
            eperalta@dti.com.mx

            johnmoe thank you for the answer.

             

            Now responding to you, i'm new in the community, i have been taking some training on McAfee Partner Portal.

             

            I have read on the product guides about adaptive mode in firewall rules but it isn't very clear to me yet, and i'm getting some issues with the firewall on my servers, so i come here for some help.

             

            Can you give any example of usage? I've thinking about add many ports on the firewall rules but i think that it isn't a good practice or solution.

             

            Thaks again for the help

            • 3. Re: Firewall Port Rules Auto-Creation
              johnmoe

              I haven't used adaptive mode myself, for the same reason you mentioned.  It's not clear how it decides what to allow or not.  I got the feeling that it was meant to be something you put on for a while, and see what rules get created, and then go back and turn those into non-adaptive policies.  But I could be wrong.

               

              However, when I spoke about the product guides, the ePO one is really the main one.  Once you understand how ePO works, you get a good idea of how to configure products.