Filter
Top Products
91
McAfee
®
Host Intrusion Prevention 6.1 Product Guide Firewall Policies
Configuring the Quarantine Rules policy
5
Configuring the Quarantine Rules policy
The Quarantine Rules policy is a special set of firewall rules that is enforced when
Quarantine mode is enabled. You create and manage quarantine rules by applying a
Quarantine Rules policy with the appropriate settings.
The
Quarantine Rules policy provides access for:
Creating new Quarantine Rules policies
Viewing and editing quarantine rules
Creating a new quarantine rule or group
Deleting a quarantine rule or group
Creating new Quarantine Rules policies
To add a new policy that is not specific to a node, create a policy in the Policy Catalog.
See Policy Catalog on page 119 for details. To add a new policy specific to a node,
follow the instructions in this section.
To create a Quarantine Rules policy:
1 In the console tree, select the group or computer in the console tree where you
want to apply the policy.
2 Expand the Firewall feature, and in the
Quarantine Rules line, click Edit.
The policy name list becomes active.
3 Do one of the following:
Select one of the preconfigured policies in the list, and click Apply
Select New Policy to create a new policy,
The
Create New Policy dialog box appears.
4 Select the policy to duplicate, type a name for the new policy, and click
OK.
The
Quarantine Rules dialog box appears with the new policy selected in the policy list
pane.
Note
If users connect to the network using VPN software, make certain that quarantine rules
allow any traffic required to connect and authenticate over the VPN.
You can use the regular Firewall feature to determine which VPN-related rules you need
for
Quarantine mode. Enable the firewall’s Learn mode or Adaptive mode, and then
connect using VPN software. Host Intrusion Prevention automatically generates
relevant VPN rules, which you can then reproduce in your quarantine rules.