Host Intrusion Prevention support for non-IP protocols
Technical Articles ID:
KB53191
Last Modified: 10/29/2020
Last Modified: 10/29/2020
Host Intrusion Prevention support for non-IP protocols
Technical Articles ID:
KB53191
Last Modified: 10/29/2020 EnvironmentMcAfee ePolicy Orchestrator (ePO) 5.x
McAfee Host Intrusion Prevention (Host IPS) 8.0 SummaryThe Host IPS client firewall filter driver detects TCP/IP and UDP protocols only. The filter might not recognize some types of non-IP traffic such as Novell IPX/SPX, and it might drop the packets. Also, the Adaptive and Learn modes do not dynamically detect and create firewall rules for non-IP protocols.
In mixed protocol traffic environments, some applications might rely on non-IP or certain application layer protocols to establish communications. In such cases, the firewall administrator must manually create appropriate firewall rules.
The best practice is to manually configure non-IP protocol rules, if Adaptive or Learn Mode fails to automatically create a firewall rule. SolutionThe option to enable Allow traffic for unsupported protocols is available on the Firewall Options configuration page in the Host IPS extension. For more information, see the Release Notes.
Related InformationKB66899 - Enable the Allow Traffic for Unsupported Protocols option to configure the NDIS drivers to pass unsupported protocol traffic instead of blocking it
Affected ProductsLanguages: |
|