N-central Help

Firewall module

Use the Firewall module to control access to network resources, network services, and to the Internet by specified applications. A database of known, legitimate applications can automatically be granted access to these resources and services. The Firewall module can also protect against port scans, restrict Internet Connection Sharing (ICS), and warn when new nodes join a WiFi connection.

You should not enable this module if the device is using the Windows built-in firewall, or if the device stays behind a hardware-based firewall.

The Firewall module is only available when adding or editing a laptop/workstation security profile.

  1. Click Configuration > Security Manager > Profiles.
  2. Click Add, or click on an existing profile to edit.
  3. Click View Settings beside the Firewall module.
  4. Click the check box for Enable Firewall.
  5. In the Component Configuration area, select the Firewall features to turn on. Selecting Integrate with AVC integrates the Firewall module's rules iwth the Active Virus Control of the Behavioral Analysis module.
  6. Click the Settings tab and configure how trust levels and the Stealth Mode feature are applied to network connections. Stealth Mode hides associated devices from malicious software and unauthorized access through both the network and the Internet.
  7. Click the Rules tab and configure the application network access and data traffic rules enforced by the Firewall module.
  8. When creating a rule, you can create an application rule or a connection rule. The application rule defines what traffic an application can send and receive and a connection rule defines address and port access is available.

    Note that for application rules, with the Local Addressyou can configure the local IP addresses and ports where the rule will be applied. If you have more than one network adapter, clear the Any check box and enter a specific IP or IP/Mask address. To filter connections on a specific port or range of ports, clear the Any check box and enter the appropriate Port or port range. For a Remote Address - configure the remote IP addresses and ports where the rule will be applied. If you have more than one network adapter, clear the Any check box and enter a specific IP or IP/Mask address. To filter connections on a specific port or range of ports, clear the Any check box and enter the appropriate Port or port range.

  9. Click Save.