Creating new Firewall Rules policies

To add a new policy that is not specific to a node, create a policy in the Policy Catalog. See Policy Catalog for details. To add a new policy specific to a node, follow the instructions in this section.

To create a Firewall Rules policy:

  1. In the console tree, select the group or computer to which you want to apply the policy.
  2. On the Policies tab, expand the Firewall feature.
  3. In the Firewall Rules line, click Edit.
     The policy name list becomes active.

  4. Do one of the following:
    • Select one of the preconfigured policies in the list, and click Apply.

      Select this policy... / For this protection...

      Minimal (Default)
        • Blocks any incoming ICMP traffic that an attacker could use to gather information about your computer. Host Intrusion Prevention allows all other ICMP traffic.
        • Allows Windows file sharing requests from computers in the same subnet, and blocks file sharing requests from anyone else. (The Trusted Networks policy must have Include Local Subnet Automatically selected.)
        • Allows you to browse Windows domains, workgroups, and computers.
        • Allows all high incoming and outgoing UDP traffic.
        • Allows traffic that uses BOOTP, DNS, and Net Time UDP ports.

      Learning Starter
        • Blocks incoming ICMP traffic that an attacker could use to gather information about your computer. Host Intrusion Prevention allows all other ICMP traffic.
        • Allows Windows file sharing requests from computers in the same subnet, and blocks file sharing requests from anyone else. (The Trusted Networks policy must have Include Local Subnet Automatically selected.)
        • Allows you to browse Windows domains, workgroups, and computers.
        • Allows traffic that uses BOOTP, DNS, and Net Time UDP ports.

      Client Medium
        • Allows only ICMP traffic needed for IP networking (including outgoing pings, trace routes, and incoming ICMP messages). Host Intrusion Prevention blocks all other ICMP traffic.
        • Allows UDP traffic necessary for accessing IP information (such as your own IP address, or the network time). This protection level also allows traffic on high UDP ports (1024 or higher).
        • Allows Windows file sharing, but only for a local subnet. You cannot browse outside your local subnet, and this protection blocks anyone outside your subnet from accessing files on your computer. (The Trusted Networks policy must have Include Local Subnet Automatically selected.)

      Client High
        Use this protection level if you are under attack or at high risk of an attack. This protection level allows only minimal traffic in and out of your system.
        • Allows only ICMP traffic necessary for proper networking. This protection blocks both incoming and outgoing pings.
        • Allows only UDP traffic necessary for accessing IP information (such as your own IP address or the network time).
        • Blocks Windows file sharing.

      Server Medium
        Use this protection level for a network server.
        • Allows ICMP traffic that facilitates communication between the server and its clients. This protection blocks all other ICMP traffic.
        • Allows UDP traffic necessary for accessing IP information. This protection also allows traffic on high UDP ports (1024 or higher).

      Server High
        Use this protection level for a server connected directly to the Internet, at a high risk of attack. Use this protection level as a basis for creating your own, customized rule set.
        • Allows specific ICMP traffic — that which facilitates communications between the server and its clients. Host Intrusion Prevention blocks all other ICMP traffic.
        • Allows UDP traffic necessary for accessing IP information. Host Intrusion Prevention blocks all other UDP traffic.

    • Select New Policy to create a new policy.
      The Create New Policy dialog box appears.

  5. Select the policy to duplicate, type a name for the new policy, and click OK.
     The Firewall Rules dialog box appears with the new policy selected in the policy list pane.

  6. Do any of the following:
  7. Click Close.
     The name of the new policy appears in the policy list.

  8. Click Apply.

    You can also create a new policy from within the Firewall Rules dialog box by clicking Add Policy or Duplicate Policy.

Copyright © 2006 McAfee, Inc. All Rights Reserved.