 |
Firewall |
|
Firewall |
Firewall shields your system by monitoring both inbound and outbound network connections. It analyzes all incoming connections whether it is secure and should be allowed through, and checks whether the outgoing communication follows the compliance that you have set for security policies. Firewall works silently in the background and monitors network activity for malicious behavior.
You can create different policies for various groups/departments like enabling Firewall protection, applying Firewall security level with an exception rule and other settings according to the requirements. For example, you can apply security level as High for the Accounts Department, and apply an exception rule by entering the policy with additional policy settings. You can also apply the Display alert message when firewall violation occurs and Enable firewall reports options. While for Marketing Department, you can create a policy with security level as Low without an exception rule and apply the Enable firewall reports options only.
Note
The Firewall feature is available only in the clients with Microsoft Windows.
To configure a policy for Firewall setting, follow these steps:
1. Log on to the Seqrite Endpoint Security Web console.
2. Go to Settings > Client Settings > Firewall.
3. To enable Firewall, select the Enable Firewall check box.
4. In the Level option, select one of the following:
o Block all
o High
o Medium
o Low
5. By default, the Monitor Wi-Fi Networks check box is selected. Because of this option, you get alert messages when connected with unsecured Wi- Fi network and when an attempt is detected to access unsecured client Wi-Fi (hotspot). Also the reports are generated at the server.
6. If you want an alert message about firewall violation, select Display alert message when firewall violation occurs.
7. If you want reports for all blocked connections, select the Enable firewall reports check box.
8. To save your settings, click Save Policy.
Note:
If the Firewall policy is set as Block All, Firewall will block all connections and generate many reports that may impact your network connection.
Security Level |
Description |
Block all |
Blocks all Inbound and Outbound connections without any exception. This is the strictest level of security. |
High |
Blocks all Inbound and Outbound connections with an exception rule. The exception policy can be created for allowing or denying connections either for inbound or outbound through certain communication Protocols, IP address, Ports such as TCP, UDP, and ICMP. |
Medium |
Blocks all Inbound and allows all Outbound connections with an exception rule. The exception policy can be created for allowing or denying connections either for inbound or outbound through certain communication Protocols, IP address, Ports such as TCP, UDP, and ICMP. For example, if you allow receiving data from a certain IP address, the users can receive data but cannot send to the same IP address. To take more advantage of this security level policy, it is advisable that you allow receiving inbound connections and block outbound connections. |
Low |
Allows all Inbound and Outbound connections. When you apply Low security level, it is advisable that you create an exception rule for denying particular inbound or outbound data with the help of certain Protocols, IP address, and Ports to take more advantage of the security level policy. |
With exceptions, you can allow genuine programs to perform communication irrespective of the Firewall level whether set as High or Medium. With Exceptions, you can block or allow Inbound and Outbound communication through IP Addresses and Ports.
To configure a policy with the Exceptions rule, follow these steps:
1. Log on to the Seqrite Endpoint Security Web console.
2. Go to Settings > Client Settings > Firewall.
3. To enable Firewall, select the Enable Firewall check box.
4. In Exceptions section, click Add.
5. On the Add/Edit Exception screen, type a name in the Exception Name text box and select a protocol.
The protocol includes: TCP, UDP, and ICMP.
6. Click Next.
7. Under Local IP Address, type an IP address or IP range, and then click Next.
If you select Any IP Addresses, you need not type an IP address.
8. Under Local TCP/UDP Ports, type a port or port range, and then click Next.
If you select All Ports, you need not type a port as all ports are selected. If you mention Local IP Address or IP range or port, this exception will be applicable for incoming communications.
9. Under Remote IP Address, type an IP address or IP range and then click Next.
If you select Any IP Addresses, you need not type an IP address as all IP addresses will be blocked. If you mention remote IP or port, that exception will be for outgoing communications.
10. Under Remote TCP/UDP Ports, type a port or port range, and then click Next.
If you select All Ports, you need not type a port as all ports are selected.
11. Under Action, select either Allow or Deny.
12. Click Finish.
The Exception is added at top position in the Exceptions list. The sequence of the exceptions decides the precedence of the rule. The precedence is in descending order. You can move the exception rule with the Move Up and Move Down buttons.
13. Click Save Policy.
You can edit the exceptions rule which are created by you if required. To edit the Exceptions rule, follow these steps:
1. Log on to the Seqrite Endpoint Security Web console.
2. Go to Settings > Client Settings > Firewall.
3. To enable Firewall, select the Enable Firewall check box.
4. In Exceptions section, select the exception that you want to edit.
5. On the Add/Edit Exception screen, you can edit the name in the Exception Name text box and edit the protocol.
The protocol includes: TCP, UDP, and ICMP.
6. Click Next.
7. Edit Local IP Address if required, and then click Next.
8. Edit Local TCP/UDP Ports if required, and then click Next.
9. Edit Remote IP Address if required, and then click Next.
10. Edit Remote TCP/UDP Ports if required, and then click Next.
11. Under Action, you can select either Allow or Deny.
12. Click Finish.
13. Click Save Policy.
You can delete the exceptions rule that you created. To delete the Exceptions rule, follow these steps:
1. Log on to the Seqrite Endpoint Security Web console.
2. Go to Settings > Client Settings > Firewall.
3. To enable Firewall, select the Enable Firewall check box.
4. In Exceptions section, select the exception that you want to delete.
5. Click Delete.
The selected exception rule is deleted.
6. Click Save Policy.
You can export the exceptions rule that you created. To export the Exceptions rule, follow these steps:
1. Log on to the Seqrite Endpoint Security Web console.
2. Go to Settings > Client Settings > Firewall.
3. To enable Firewall, select the Enable Firewall check box.
4. In Exceptions section, select the exception that you want to export.
5. Click Export.
The Opening fwexcp.db dialog appears.
6. Select Save File.
7. Click Ok.
The database file, fwexcp.db is downloaded.
You can import the exceptions rule that you created in the earlier versions of EPS. To import the Exceptions rule, follow these steps:
1. Log on to the Seqrite Endpoint Security Web console.
2. Go to Settings > Client Settings > Firewall.
3. To enable Firewall, select the Enable Firewall check box.
4. Click Import.
The File Upload dialog appears.
5. Select the database file, fwexcp.db.
6. Click Open.
The database file, fwexcp.db is imported.
7. Click Save Policy.