Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
991 Views 2 Replies Latest reply: Dec 21, 2012 5:12 AM by jj4sec RSS
jj4sec Champion 84 posts since
Nov 6, 2009
Currently Being Moderated

Nov 23, 2012 6:10 AM

Connection/domain awareness

I miss an option in HIPS to check if the machine can connect to the domain or not.

In microsoft FW it is possible to configure rules if the machine is domain connected or not and this is a very strong feature.

I this possible with McAfee ?

Does someone know if the Microsoft feature is someware available in the registry and if I can use that key to create connection aware rules ?

  • zaloorb Newcomer 18 posts since
    Sep 1, 2009
    Currently Being Moderated
    1. Nov 26, 2012 10:16 AM (in response to jj4sec)
    Re: Connection/domain awareness

    jj4sec,

     

    I believe the feature you are referring to is called Connection Aware Group (CAG) in HIPS 7 or Connection Isolation Group (CIG) in HIPS 8. It is thoroughly referenced in the product documentation:

     

    HIPS 7: https://kc.mcafee.com/corporate/index?page=content&id=PD20107

    ´╗┐HIPS 8: https://kc.mcafee.com/corporate/index?page=content&id=PD22894

     

    You can use this feature to create rule groups that follow a specific set of connection parameters such as:

     

    - IP Address

    - DNS Search Suffix

    - Default Gateway

    - DNS Server

    - DHCP Server

    - WINS Server

     

    You have a lot of options here but none that would directly reference domain connectivity. It would only be inferred by the above parameters but should work in most instances as, if the machines are connected to a specific domain, they should have a unique parameter from thst list above that could designate them as part of the domain.

     

    Hope this helps!

     

     

    Zaloorb

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points