Saturday, March 13, 2010

McAfee ePO Agent and Windows Firewall

Create a new GPO and navigate to the following section

Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile\

Select the following policy setting

Windows Firewall: Define inbound port exceptions

#########################################################
# McAfee Inbound Port Settings
#########################################################


Agent-to-server communication. These ports must be opened on the ePO server. Each entry uses the policy's Port:Transport:Scope:Status:Name format, and the scope (192.168.10.0/25 here) restricts the exception to the subnet the managed agents live on, so adjust it to your own network.

80:TCP:192.168.10.0/25:Enabled:HTTP Service
84:TCP:192.168.10.0/25:Enabled:Agent-to-server
8444:TCP:192.168.10.0/25:Enabled:Sensor-to-Server
8444:UDP:192.168.10.0/25:Enabled:Sensor-to-Server (UDP)

Server-to-agent communication. These ports must be opened on the clients so the server can reach the agent for wake-up calls and broadcasts.

8081:TCP:192.168.10.0/25:Enabled:Agent wakeup (TCP)
8081:UDP:192.168.10.0/25:Enabled:Agent wakeup (UDP)
8082:TCP:192.168.10.0/25:Enabled:Agent broadcast (TCP)
8082:UDP:192.168.10.0/25:Enabled:Agent Broadcast (UDP)

Of course, it is recommended to put the server firewall settings in a different GPO from the one targeted at the clients, so the workstations never get the server-side exceptions. The port numbers above must match the ones configured on your ePO server; if the install uses other ports, change the entries accordingly.
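The same two GPOs built from PowerShell, as an added example that is not part of the original post. It uses the GroupPolicy module that ships with RSAT (New-GPO, Set-GPRegistryValue, New-GPLink) and writes the entries to the registry key behind "Define inbound port exceptions"; that key path, the GPO names and the OU distinguished names are assumptions, so compare the result with a GPO configured through the GUI (Get-GPRegistryValue) before relying on it.

```powershell
# Added example: create the server and client firewall GPOs from the post.
# Assumptions (verify in your domain): the policy "Define inbound port
# exceptions" stores each entry as a REG_SZ whose name and data are the entry
# string under the List key below; GPO names and OU paths are placeholders.
Import-Module GroupPolicy

$ManagedNet = '192.168.10.0/25'   # scope used in the post; change to your agent subnet
$PolicyKey  = 'HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List'

# Port:Transport:Scope:Status:Name, exactly as typed into the policy dialog
$ServerExceptions = @(
    "80:TCP:${ManagedNet}:Enabled:HTTP Service",
    "84:TCP:${ManagedNet}:Enabled:Agent-to-server",
    "8444:TCP:${ManagedNet}:Enabled:Sensor-to-Server",
    "8444:UDP:${ManagedNet}:Enabled:Sensor-to-Server (UDP)"
)
$ClientExceptions = @(
    "8081:TCP:${ManagedNet}:Enabled:Agent wakeup (TCP)",
    "8081:UDP:${ManagedNet}:Enabled:Agent wakeup (UDP)",
    "8082:TCP:${ManagedNet}:Enabled:Agent broadcast (TCP)",
    "8082:UDP:${ManagedNet}:Enabled:Agent Broadcast (UDP)"
)

# Reject malformed entries before they reach the GPO: a bad string is silently
# ignored by the firewall and the port simply stays closed.
function Test-PortException {
    param([string]$Entry)
    if ($Entry -notmatch '^(\d{1,5}):(TCP|UDP):([^:]+):(Enabled|Disabled):(.+)$') { return $false }
    $port = [int]$Matches[1]
    return ($port -ge 1 -and $port -le 65535)
}

function Set-FirewallExceptionGpo {
    param(
        [Parameter(Mandatory)][string]$GpoName,
        [Parameter(Mandatory)][string[]]$Entries,
        [string]$TargetOU
    )
    $bad = $Entries | Where-Object { -not (Test-PortException $_) }
    if ($bad) { throw "Malformed port exception(s): $($bad -join '; ')" }

    $gpo = Get-GPO -Name $GpoName -ErrorAction SilentlyContinue
    if (-not $gpo) { $gpo = New-GPO -Name $GpoName }

    foreach ($entry in $Entries) {
        Set-GPRegistryValue -Name $GpoName -Key $PolicyKey `
            -ValueName $entry -Type String -Value $entry | Out-Null
    }
    if ($TargetOU) {
        # Link once; an existing link raises an error we deliberately ignore.
        New-GPLink -Name $GpoName -Target $TargetOU -ErrorAction SilentlyContinue | Out-Null
    }
    return $gpo
}

# Separate GPOs for servers and clients, as the post recommends (hypothetical names/OUs).
Set-FirewallExceptionGpo -GpoName 'WF - McAfee ePO Server' -Entries $ServerExceptions `
    -TargetOU 'OU=ePO Servers,DC=example,DC=local'
Set-FirewallExceptionGpo -GpoName 'WF - McAfee Agent Clients' -Entries $ClientExceptions `
    -TargetOU 'OU=Workstations,DC=example,DC=local'

# After gpupdate on a target, read back what the firewall actually received.
function Get-AppliedPortExceptions {
    param([string]$ComputerName = $env:COMPUTERNAME)
    Invoke-Command -ComputerName $ComputerName -ScriptBlock {
        $key = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List'
        if (Test-Path $key) {
            (Get-ItemProperty $key).PSObject.Properties |
                Where-Object { $_.Name -notlike 'PS*' } |
                ForEach-Object { $_.Value }
        }
    }
}
```

Run Get-AppliedPortExceptions against one server and one workstation after gpupdate /force; a client that lists the 80/84/8444 entries has been linked to the wrong GPO. Note the `${ManagedNet}` braces: without them PowerShell reads `$ManagedNet:Enabled` as a scoped variable name and the scope field comes out empty, which would open the port to every address.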

Simple as that,