BigFix Firewall - Trusted Subnets

(imported topic written by tomitman91)

We are in the process of testing BigFix firewall before we migrate from McAfee Desktop Firewall. In McAfee we are using a feature called “Trusted Networks” which is a list of trusted subnets. We can then set up a single rule for these ‘Trusted Networks’ to allow any traffic in both directions. Is there a way in BigFix Firewall to define “Trusted Networks”, or do I have to create a separate rule for each of the subnets in our ‘Trusted Networks’ list?

(imported comment written by jessewk)

I would use the location property wizard to input the list of subnets that are “Trusted”.

You can then target an allow all firewall policy to those machines that are reporting they are in a Trusted location.

If you want to get fancier, you could use the relevance generated by the location property wizard as a custom compliance check in the compliance wizard. You would then have this as your first compliance policy and have subsequent more restrictive policies for machines that don’t fall into the trusted set. If configured correctly, the firewall policies enforced by the machines will change as they move in and out of the trusted locations.

Let us know if you need more specifics.

Jesse