Filtering the network traffic on multiple computers
(Intel AMT only)
The Intel AMT network filtering (Circuit Breaker) functionality lets you block network traffic from and to the target computers' operating systems. For example, you can use this feature to isolate infected computers from the network.
Network Filtering works only if both the client operating system and Intel AMT network settings are configured to use Dynamic Host Configuration Protocol (DHCP).
Some ports stay open when network filtering is active.
To filter the network traffic on multiple computers
In the Symantec Management Console, on the Manage menu, click Jobs and Tasks.
In the left pane, expand System Jobs and Tasks > Real-Time System Manager.
Click Network Filtering.
If you want to block network traffic to and from the operating system, do the following:
Click Filter network traffic other than to and from the Notification Server.
Choose if you want to use the default solution filtering settings or browse for a custom .xml file.
(Optional) To prevent the client computer from sending malicious packets, check Enable anti-spoofing filter. This feature forces the identity verification of outgoing network traffic and drops packets if the computer is suspected of originating malicious attacks that are known as IP spoofing.
(Optional) To protect the client computer from network flooding, click Limit the number of PING packets to, and type the number of packets per second allowed to pass through the Intel AMT network filter.
Default: 10 packets per second.
(Optional) To disable network filtering, click Allow all network traffic.
Click Save changes.
Run the task once or on a schedule.
Imported Document ID: HOWTO93460
Subscribing will provide email updates when this Article is updated. Login is required.