McAfee 6.1 Marine Radio User Manual


 
McAfee® Host Intrusion Prevention 6.1 Product Guide
Firewall Policies

Overview
The Host Intrusion Prevention firewall protects a networked computer from intrusions
that compromise data, applications, or the operating system. It provides this protection
by working at several layers of the network architecture, where different criteria are
used to restrict network traffic. This network architecture is built on the seven-layer
Open System Interconnection (OSI) model, where each layer handles specific network
protocols.
HIP 6.0 rules
The firewall in Host Intrusion Prevention 6.0 worked primarily at Network Layer 3 and
Transport Layer 4, routing network packets to their destination. At these layers the
firewall used static packet filtering with top-down rule matching. When a packet was
analyzed and matched against a firewall rule, criteria such as IP address, port number, and
packet type were used to allow or block the packet. If no matching rule was found, the
packet was dropped. Bidirectional firewall rules were required, especially for the UDP and
ICMP protocols.
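The following sketch models the static, top-down matching described above and shows why a stateless rule set needs a rule in each direction for UDP. It is an added example, not McAfee code or the product's rule format; the `Packet`, `Rule` and `evaluate` names and the 192.0.2.53 resolver address are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    direction: str                     # "in" or "out", relative to the protected host
    proto: str                         # "tcp", "udp" or "icmp"
    remote_ip: str
    remote_port: Optional[int] = None  # None for ICMP

@dataclass(frozen=True)
class Rule:
    action: str                        # "allow" or "block"
    direction: str
    proto: str
    remote_net: str                    # CIDR block the remote address must fall in
    remote_port: Optional[int] = None  # None matches any port

    def matches(self, p: Packet) -> bool:
        return (self.direction == p.direction
                and self.proto == p.proto
                and ipaddress.ip_address(p.remote_ip) in ipaddress.ip_network(self.remote_net)
                and self.remote_port in (None, p.remote_port))

def evaluate(rules, pkt):
    """Top-down evaluation: the first matching rule decides; no match means drop."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return "drop", None

# Constructed sample traffic: a DNS query and its reply (documentation address range).
QUERY = Packet("out", "udp", "192.0.2.53", 53)
REPLY = Packet("in", "udp", "192.0.2.53", 53)

# A stateless filter does not remember the query, so the reply needs its own rule.
OUT_ONLY = [Rule("allow", "out", "udp", "192.0.2.53/32", 53)]
BIDIRECTIONAL = OUT_ONLY + [Rule("allow", "in", "udp", "192.0.2.53/32", 53)]
# Rule order matters: a broad block placed above the allow rule shadows it.
SHADOWED = [Rule("block", "in", "udp", "0.0.0.0/0")] + BIDIRECTIONAL

if __name__ == "__main__":
    for name, rules in (("out-only", OUT_ONLY), ("bidirectional", BIDIRECTIONAL),
                        ("shadowed", SHADOWED)):
        print(f"{name:14} query={evaluate(rules, QUERY)} reply={evaluate(rules, REPLY)}")
```

With only the outbound rule, the query leaves but its reply matches nothing and is dropped. When auditing a rule set like this, check each inbound allow rule for a broader block above it, since the index returned by `evaluate` shows which rule actually decided the packet.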
HIP 6.1 rules
The firewall in Host Intrusion Prevention 6.1 introduces a stateful firewall with both
stateful packet filtering and stateful packet inspection.
Figure 5-1 Network layers and protocols