1 of 1 people found this helpful
This is not possible in the HIPS product itself (for IPS), as the IPS functionality has no "location awareness". It might be possible with ePO tagging and (external) Agent Handlers though (i.e., if the agent reports with an internal IP address, tag it with "Basic Protection"; if not, tag it with "Enhanced Protection").
The HIPS Firewall does have Location Aware Groups, which can apply Firewall rules based on network "locations" that you identify (allow all traffic when you're on the internal network; limited allow traffic when not).
See page 55 of: PD22894 - Host Intrusion Prevention 8.0 for ePO 4.5 Product Guide.
Thank you very much! That is amazing man!
This helps me a lot! I am now creating the Tags and Policy Assignment Rules based on the Tags as you mentioned. However I have another doubt.
I created a Tag using the TAG Catalog, and I realize that it applies the Tags in the systems that it matches.
Today, if a system is inside the network, it will receive the TAG "Internal" and then a Basic Policy will be implemented.
However, what does happen if the same system will be outside the network? It wil lose its Internal Tag?
I need to do this for the system identify when the laptop is outside the company.
PS.: I'll keep searching and I will analyze what you said about Agent Handlers to see if it helps me too.
I would suggest contacting the ePO server community for tagging-related questions (I haven't used them that much myself), but I believe you would have to remove the INTERNAL tag and apply the EXTERNAL tag.
Thank you very much! I will try doing what you suggested me, however it helps me a lot (I think that this will work just fine).