Firewalls & Host Intrusion Prevention Content
Firewalls & Host Intrusion Prevention
A firewall helps protect your computer by controlling incoming access to your computer. For ITS-managed Windows and macOS computers, we utilize the firewall incorporated within its operating system.
Personal Firewalls and Host Intrusion Prevention for Windows Computers
RIT Faculty and Staff
McAfee's Endpoint Security is available for use on all RIT-owned Windows and macOS computers at no additional charge to other departments of the Institute. When used in conjunction with e-Policy Orchestrator, HIP requires no configuration or maintenance on your part. HIP is deployed and managed with e Policy Orchestrator, so to install it, you must install the McAfee agent first. E-Policy Orchestrator will subsequently install and maintain ENS via the McAfee agent.
Personally Owned (Home) and All Student Computers
For these computers, including student computers, we recommend using Zone Alarm from Checkpoint Software. CheckPoint provides a free version of Zone Alarm for personally owned systems, and you can download it from the Zone Labs Web Site.
NOTE: Zone Alarm is only a firewall. It does not provide host intrusion protection.
Official Microsoft Windows Update Service (Microsoft Internet Explorer on Microsoft Windows required)
Personal Firewalls, Anti-Virus, and Host Intrusion Prevention
A personal firewall is a program that you run on your computer which blocks any communication to and from that computer that has not been specifically allowed by you. As such, a desktop firewall can block malicious attempts to penetrate your computer and take control of it. Note, however, that firewalls work by making judgments about how software wants to communicate with your computer; they can only watch what is going out or coming in. Once a piece of mailicious software finds its way its way into your computer and is quietly wreaking havoc, it's too late for the firewall to do anything about it.
Host Intrusion Prevention
Host Intrusion Prevention adds a third level of protection to your firewall and anti-virus programs by continuously monitoring the software that's running in your machine. It detects and shuts down or blocks the action of suspicious programs based on how they're behaving, rather than on the basis of how they look or how they got into your computer.
Managing It All
Unforutunately the only way that security software like firewalls, anti-virus or host intrusion prevention can tell whether something is suspicious is by means of a large, complex and arcane set of rules that tell it how good software should look, act and communicate. If the rules and signatures that your software is using are too lenient, your security software could miss things that it should catch. If those rules are overly restrictive, they will cause desktop programs like email, your web browser, printing or just logging in to malfunction, and the cause of this malfuntion is usually very hard to trace when it happens. Finally, if those rules and signatures are too old, they'll miss newer forms of attack. Given the speed at which new threats now appear and spread through the internet, "too old" can be little more than a day or two.
Effectively managing all of this has become a monumental task that requires more time, attention, and technical knowledge than most of us have. The Mcafee Security Suite, together with ePO, provides a solution to this problem for RIT-owned machines. Once the ePO agent has been installed on an RIT-owned machine, the ePO server will automatically install the McAfee Endpoint Security software, and maintain all of the rule sets, signatures and updates necessary to keep that software working properly. In the event that something requres a change to the rule set, McAfee and ITS can anticipate and make this change, and the ePO server will send it to your computer automatically. You can also make individual changes yourself, although most people never need to concern themselves with this.
If you have an ePO managed system and prefer to use a different firewall or anti-virus program, you can call the ITS Service Desk and ask to have the corresponding McAfee component removed. The remaining components should continue to operate and can co-exist with most other security software.
Home Contact View
Mon - Thu: 7:30 A.M. - 9:00 P.M.
Fri: 7:30 A.M. - 5:00 P.M.
Sat - Sun: Noon - 5:00 P.M.