3 Replies Latest reply on Feb 17, 2012 2:32 AM by DerFalk

    Advice for Configuring HIPS 8 Firewall policies needed

      Hello - I've been tasked with replacing our existing Trend IDF product with the McAfee HIPS one.


      Obviously, I've been asked to provide a like for like solution, or as close to it as possible.


      The requirement is that when connected to our LAN, the F/W doesn't block any traffic, (All Ingoing / All Outgoing Allowed), but connections to other networks are prevented, so the user can't be connect to our LAN and say a wireless hotspot at the same time.


      When not connected to our LAN, All Incoming traffic would be blocked, All Outgoing traffic would be allowed, and the single network at a time continues.


      With the Trend product, I accomplished this by creating a "On Domain" context, and an "Off Domain" context, and then assigning rules via the context.

      (On Domain was defined as "Locally connected to Domain", Off Domain is defined as "Not connected to Domain).


      In McAfee HIPS, I'm having difficulty working out how to achieve this. I've created a location "On Domain", defined as "Require that ePO be reachable", and can assign rules to that, but how can I create an "Off Domain" location, and am I even going about this in the right way?