Blocking a remote computer by configuring peer-to-peer authentication
You can use peer-to-peer authentication to allow a remote client computer (peer) to connect to another client computer (authenticator) within the same corporate network. The authenticator temporarily blocks inbound TCP and UDP traffic from the remote computer until the remote computer passes the Host Integrity check. You can use this enforcement technique when the remote computer is physically remote. The technique leverages advanced capabilities of the Symantec Endpoint Protection firewall to enhance access to shared files.
The Host Integrity check verifies the following characteristics of the remote computer:
- The remote computer has Symantec Endpoint Protection installed.
- The remote computer passed the Host Integrity check.
If the remote computer passes the Host Integrity check, the authenticator allows inbound connections from the remote computer.
If the remote computer fails the Host Integrity check, the authenticator continues to block the remote computer. You can specify how long the remote computer is blocked before it can try to connect to the authenticator again. You can also specify certain remote computers to always be allowed, even if they do not pass the Host Integrity check. If you do not enable a Host Integrity policy for the remote computer, the remote computer passes the Host Integrity check.
Peer-to-peer authentication information appears in the Network and Host Exploit Mitigation Traffic log.
Peer-to-peer authentication works in server control and mixed control, but not in client control.
- To block a remote computer by configuring peer-to-peer authentication
- In the console, open a Firewall policy.
- On the Firewall policy page, click Peer-to-Peer Authentication Settings.
- On the Peer-to-Peer Authentication Settings page, check Enable peer-to-peer authentication.
- Configure each value that is listed on the page. For more information about these options, click Help.
- To allow remote computers to connect to the client computer without being authenticated, check Exclude hosts from authentication, and then click Excluded Hosts. The client computer allows traffic to the computers that are listed in the Host list.
- In the Excluded Hosts dialog box, click Add to add the remote computers that do not have to be authenticated.
- In the Host dialog box, define the host by IP address, IP range, or the subnet, and then click OK.
- In the Excluded Hosts dialog box, click OK.
- If you are prompted, assign the policy to a group.
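The following is an added Python model of the authenticator's decision described in the overview and configured by the steps above; it is not Symantec code and does not talk to the product. It assumes a constructed Excluded Hosts list (single IP, IP range, subnet), a constructed block duration, and Host Integrity results passed in as plain booleans.

```python
"""Model of peer-to-peer authentication on the authenticator side (added example)."""
import ipaddress
from dataclasses import dataclass, field


@dataclass
class ExcludedHosts:
    """The Excluded Hosts list: entries are an IP address, an IP range, or a subnet."""
    addresses: list = field(default_factory=list)  # e.g. "10.0.0.5"
    ranges: list = field(default_factory=list)     # e.g. ("10.0.1.10", "10.0.1.20")
    subnets: list = field(default_factory=list)    # e.g. "10.0.2.0/24"

    def contains(self, ip: str) -> bool:
        addr = ipaddress.ip_address(ip)
        if any(addr == ipaddress.ip_address(a) for a in self.addresses):
            return True
        for low, high in self.ranges:
            if ipaddress.ip_address(low) <= addr <= ipaddress.ip_address(high):
                return True
        return any(addr in ipaddress.ip_network(n, strict=False) for n in self.subnets)


@dataclass
class Authenticator:
    enabled: bool = True            # "Enable peer-to-peer authentication"
    block_seconds: int = 300        # how long a failed peer stays blocked (constructed value)
    excluded: ExcludedHosts = field(default_factory=ExcludedHosts)
    blocked_until: dict = field(default_factory=dict)  # peer IP -> time the block expires

    def inbound_allowed(self, peer_ip: str, now: float, sep_installed: bool,
                        hi_policy_enabled: bool, hi_passed: bool) -> bool:
        """Return True if inbound TCP/UDP traffic from peer_ip is allowed at time `now`."""
        # Excluded hosts are always allowed, even if they would fail Host Integrity.
        if not self.enabled or self.excluded.contains(peer_ip):
            return True
        # A peer that failed earlier stays blocked until its retry time has passed.
        if now < self.blocked_until.get(peer_ip, 0):
            return False
        # The check requires SEP to be installed; with no Host Integrity policy
        # enabled for the peer, the Host Integrity check counts as passed.
        passed = sep_installed and (not hi_policy_enabled or hi_passed)
        if not passed:
            self.blocked_until[peer_ip] = now + self.block_seconds
        return passed
```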