Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
733 Views 1 Reply Latest reply: Nov 29, 2012 11:55 AM by greatscott RSS
harik Newcomer 10 posts since
Nov 21, 2012
Currently Being Moderated

Nov 28, 2012 4:25 PM

Any help or suggestion???

Hi,

 

I am trying to create HIPS policy, please help.

 

My requirement is as below

 

1) Traffic need to allowed to trusted networks when in Office

2) Specific traffic/rules need to be allowed in VPN

3) Allow traffic for hotspot registration

4) Allow few traffic and block all other traffic in other locations.

 

And am also confused on connection isolation option

Not not able to create one rule all in one for ex: allow trafffic source x, destination y, ports: TCP A,B UDP C - this need to be done using group of rules???

Thanks in Advance!!!

  • greatscott Champion 287 posts since
    Jul 18, 2011
    Currently Being Moderated
    1. Nov 29, 2012 11:55 AM (in response to harik)
    Re: Any help or suggestion???

    Do this:

     

    1.)Create 1 Trusted Networks policy. Put your office Subnet into this policy.

    2.)Create a Firewall Rules Policy. In this policy, put a Connection Isolation Group. Define your office subnet in this Connection Isolation Group, use something common, like a DNS Server address, DHCP Server address, etc. In the Network Options section, define your office network subnets. Once a system matches this criteria in its tcp/ip settings, it will receive the rules that are within the Connection Isolation Group

    3.) Add a Firewall Rule inside your Connection Isolation Group. In this rule, Create a description, select "Allow", then in the "Network Options" tab, select "Add from Catalog", then select "Trusted Networks".

     

    Essentially what steps 2 and 3 are doing is creating a condition. If your user is at the office (or VPN'ed in), they are going to allow traffic from the networks defined in your "trusted networks" list.

     

    4.) If you wanted to create special rules for users who are VPN'ed in, create another Connection Isolation Group above the first one I explained. In this group, make your Connection Isolation Criteria your VPN IP range. In this group, create the rules that you want specifically applied to VPN users.

     

    Sounds like you have some other requirements, but through creative use of groups, you can likely get something to work to fit your needs.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points