    Firewall Policy Best Practices




      What is the recommended method for handling multiple firewall policies?


      In other tools you can apply a global policy and then apply child policies that merge in some fashion. Is this possible with McAfee Endpoint Security?


      If I had a rule (in addition to the global ruleset) that I wanted to apply as a policy to just one machine or a group of machines, how should I go about doing that?

          As far as I know, you can assign just one policy per module. The one policy with the highest priority counts (using assignment rules).


          Applying one policy to just one subset of clients could be done in either of these ways:

          - Create OUs within the system tree and assign different policies to the OUs.

          - Create tags and assign different policies through "policy assignment rules" based on tags (assign the tags to the clients).