Intrusion Defense Firewall 1.2 User's Guide - Trend Micro? Online ...
Intrusion Defense Firewall 1.2 User's Guide - Trend Micro? Online ...
Intrusion Defense Firewall 1.2 User's Guide - Trend Micro? Online ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Protecting a Mobile Laptop Computer<br />
In this guide, we will use the Server Plug-in to protect a mobile laptop. This will involve the following<br />
steps:<br />
1. Activate the Client Plug-in on the laptop computer.<br />
2. Create a new Security Profile for a Windows laptop<br />
a. Create a new Security Profile<br />
b. Assign <strong>Firewall</strong> and Stateful Configuration Rules with Location Awareness Conditions<br />
c. Assign Deep Packet Inspection (DPI) Rules<br />
3. Apply Security Profiles to the Computer<br />
4. Monitor Activity using the Server Plug-in<br />
We will assume that you have already installed the Server Plug-in on the Computer from which you intend<br />
to manage the IDF Client Plug-ins throughout your network. We will also assume that you have installed<br />
(but not activated) IDF Client Plug-ins on the mobile laptops you wish to protect. If you have not<br />
done so, consult the installation instructions for the steps to get to this stage.<br />
Activate the Client Plug-in on a Computer<br />
Client Plug-ins need to be activated by the Server Plug-in before rules can be assigned to them. The<br />
activation process includes the exchange of unique "fingerprints" between the Client Plug-in and the<br />
Server Plug-in. This ensures that only this IDF Server Plug-in (or one of its nodes) can send instructions to<br />
the Client Plug-in.<br />
To manually activate a Client Plug-in on a Computer, right-click one or more selected Computers and<br />
select Actions > Activate/Reactivate Client Plug-in(s).<br />
Create a Security Profile<br />
Now that the Client Plug-in is activated, we can assign some rules to protect the Computer. Although you<br />
can assign rules directly to a Computer, it‟s more useful to create a Security Profile which contains these<br />
rules and which can then be assigned to multiple Computers.<br />
Creating the Security Profile will involve the following steps:<br />
1. Creating and naming the new Security Profile<br />
2. Defining Multiple Interface Types<br />
3. Setting the <strong>Firewall</strong> to Inline Mode<br />
4. Assigning <strong>Firewall</strong> Rules with Location Awareness<br />
5. Assigning Deep Packet Inspection (DPI) Rules<br />
6. Assigning the Security Profile to the Computer<br />
Creating and Naming the New Security Profile<br />
To create a new Security Profile:<br />
1. Click Security Profiles in the Server Plug-in‟s navigation pane, and then click "New" to display<br />
the New Security Profile wizard.<br />
2. Name the new Security Profile "My New Laptop Security Profile". Click Next.<br />
3. The next screen asks if you would like to base the Security Profile on an existing Computer‟s<br />
current configuration. If you were to select "Yes", you would be asked to pick an existing<br />
© Copyright 2010 <strong>Trend</strong> <strong>Micro</strong> Inc. www.trendmicro.com<br />
All rights reserved. - 110 -