
Connection isolation in connection-aware groups
The connection isolation option in Connection-Aware Groups (CAG) prevents undesirable traffic
from accessing a designated network through other active network interfaces on a computer,
such as a wireless adapter connecting to a Wi-Fi hotspot while a wired adapter is connected to
a LAN. When the Isolate this connection option is selected for a CAG, and an active Network
Interface Card (NIC) matches the CAG criteria, the only types of traffic processed are traffic
matching allow rules above the CAG in the firewall rules list, and traffic matching the CAG
criteria. All other traffic is blocked.
Connection isolation with Connection-Aware Groups works as follows: the firewall processes
traffic against its list of rules until it encounters a Connection-Aware Group (CAG).
At the CAG:
• If the traffic through a NIC matches the CAG’s criteria, the firewall evaluates the CAG’s rules
for a match.
• If the traffic through a NIC does not match the CAG’s criteria, and the connection isolation
option is not enabled, the firewall skips the CAG and continues analyzing against the rules
that follow the CAG.
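The evaluation order described above, as a small Python model. This is an added example, not code from the product or the guide. It assumes that CAG criteria reduce to a NIC name, that rules match on a destination port only, that traffic matching no rule inside a group continues down the list, and that traffic matching nothing is blocked.

```python
from dataclasses import dataclass

@dataclass
class Rule:
    action: str    # "allow" or "block"
    port: int      # simplified match field (assumption): destination port

@dataclass
class CAG:
    nic: str       # simplified criteria (assumption): name of the matching NIC
    isolate: bool  # the "Isolate this connection" option
    rules: list

def evaluate(rule_list, active_nics, nic, port):
    """Return "allow" or "block" for traffic through `nic` to `port`."""
    for entry in rule_list:
        if isinstance(entry, Rule):
            if entry.port == port:
                return entry.action
        elif nic == entry.nic:
            # Traffic matches the CAG criteria: evaluate the CAG's rules.
            for rule in entry.rules:
                if rule.port == port:
                    return rule.action
            # Assumption: no rule in the group matched, keep going down the list.
        elif entry.isolate and entry.nic in active_nics:
            # Isolation is on and an active NIC matches the CAG:
            # traffic that reached this point is "all other traffic" and is blocked.
            return "block"
        # Otherwise the CAG is skipped and the rules that follow it are analyzed.
        # (Assumption: this also applies when isolation is on but no active NIC matches.)
    return "block"  # Assumption: nothing matched, default deny.

def policy(isolate):
    # Constructed rule list: one allow rule above the CAG, one below it.
    return [Rule("allow", 53),
            CAG(nic="lan", isolate=isolate, rules=[Rule("allow", 443)]),
            Rule("allow", 80)]

if __name__ == "__main__":
    both = {"lan", "wifi"}  # wired LAN plus a Wi-Fi hotspot, as in the text
    for iso in (False, True):
        for nic, port in (("wifi", 53), ("wifi", 80), ("lan", 443)):
            print(f"isolate={iso} nic={nic} port={port}:",
                  evaluate(policy(iso), both, nic, port))
```

With isolation enabled, the Wi-Fi traffic to port 80 is blocked at the CAG even though an allow rule for it exists lower in the list; only the allow rule placed above the CAG still applies to that adapter.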
Configuring Firewall Policies
Overview of Firewall policies
McAfee Host Intrusion Prevention 7.0 Product Guide for use with ePolicy Orchestrator 4.0