Use the Firewall module to control access to network resources, network services, and to the Internet by specified applications. A database of known, legitimate applications can automatically be granted access to these resources and services. The Firewall module can also protect against port scans, restrict Internet Connection Sharing (ICS), and warn when new nodes join a WiFi connection.
The Firewall module is only available when adding or editing a laptop/workstation security profile.
- In the navigation pane, click Configuration > Security Manager > Profiles.
- Click Add, or click on an existing profile to edit.
- Click View Settings beside the Firewall module.
Firewall Module Settings
Enable the Firewall module and configure general settings.
Select Integrate with AVC to integrate the Firewall module's rules with the Active Virus Control feature found in the Behavioral Analysis Module.
Configure how trust levels and the Stealth Mode feature are applied to network connections. Stealth Mode hides associated devices from malicious software and unauthorized access through both the network and the Internet.
In addition to the rules configured in the Firewall Module tab, a number of additional rules control firewall behaviour depending on the trust level.
Configure the application network access and data traffic rules enforced by the Firewall module.
Select the Rule Policy - the firewall decision-making logic - to apply when applications request access to network and Internet services:
Known files represent a large collection of safe, trustworthy applications that is compiled and continuously maintained.
When creating a rule, you can create an application rule or a connection rule. An application rule defines what traffic an application can send and receive, and a connection rule defines what address and port access is available.
Note that for application rules, with the Local Address you can configure the local IP addresses and ports where the rule will be applied. If you have more than one network adapter, you can clear the Any check box and type a specific IP or IP/Mask address. To filter connections on a specific port or range of ports, clear the Any check box and type the appropriate Port or port range. For a Remote Address, configure the remote IP addresses and ports where the rule will be applied. If you have more than one network adapter, you can clear the Any check box and type a specific IP or IP/Mask address. To filter connections on a specific port or range of ports, clear the Any check box and type the appropriate Port or port range.
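The Local Address and Remote Address fields described above can be modelled as follows to check what a scoped rule will and will not cover before deploying it. This is an added example, not the product's own code: the names `Endpoint`, `Rule` and `RULE` are hypothetical, the sample addresses are constructed, and it assumes a rule applies only when both the local and the remote side match.

```python
import ipaddress
from dataclasses import dataclass

ANY = None  # models the "Any" check box being selected


def parse_address(text):
    """'Any' -> ANY; '10.0.0.5', '10.0.0.0/24' or IP/netmask -> network."""
    if text.strip().lower() == "any":
        return ANY
    # strict=False accepts a host address with a mask, e.g. 192.168.1.10/24
    return ipaddress.ip_network(text.strip(), strict=False)


def parse_ports(text):
    """'Any' -> ANY; '443' -> (443, 443); '8000-8100' -> (8000, 8100)."""
    if text.strip().lower() == "any":
        return ANY
    low, _, high = text.partition("-")
    low, high = int(low), int(high or low)
    if not (0 < low <= high <= 65535):
        raise ValueError(f"invalid port range: {text!r}")
    return (low, high)


@dataclass
class Endpoint:
    address: str = "Any"
    ports: str = "Any"

    def matches(self, ip, port):
        net, rng = parse_address(self.address), parse_ports(self.ports)
        ip_ok = net is ANY or ipaddress.ip_address(ip) in net
        port_ok = rng is ANY or rng[0] <= port <= rng[1]
        return ip_ok and port_ok


@dataclass
class Rule:
    local: Endpoint
    remote: Endpoint

    def matches(self, local_ip, local_port, remote_ip, remote_port):
        # Assumption: the rule applies only if both sides match.
        return (self.local.matches(local_ip, local_port)
                and self.remote.matches(remote_ip, remote_port))


# Constructed sample: one adapter's subnet, any local port, HTTPS to one remote range.
RULE = Rule(Endpoint("192.168.10.0/24", "Any"), Endpoint("203.0.113.0/24", "443"))
```

A connection from a second adapter on a different subnet does not match `RULE`, which is the practical effect of clearing Any on the Local Address: traffic on the other adapter falls through to whatever other rules or Rule Policy apply.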