Testing the OfficeScan Firewall
To ensure that the OfficeScan firewall works properly, perform a test on a single OfficeScan agent or group of OfficeScan agents.
Test OfficeScan agent program settings in a controlled environment only. Do not perform tests on endpoints connected to the network or to the Internet. Doing so may expose OfficeScan agent endpoints to viruses, hacker attacks, and other risks.
- Create and save a test policy. Configure the settings
to block the types of traffic you want to test. For example, to
prevent the OfficeScan agent from
accessing the Internet, do the following:
- Set the security level to Low (allow all inbound/outbound traffic).
- Select Enable firewall and Notify users when a firewall violation occurs.
- Create an exception that blocks HTTP (or HTTPS) traffic.
- Create and save a test profile, selecting the agents to which you will test firewall features. Associate the test policy with the test profile.
- Click Assign Profile to Agents.
- Verify the deployment.
- Click Agents > Agent Management.
- Select the domain to which the agent belongs.
- Select Firewall view from the agent tree view.
- Check if there is a green check mark under the Firewall column of the agent tree. If you enabled the Intrusion Detection System for that agent, check that a green check mark also exists under the IDS column.
- Verify that the agent applied the correct firewall policy. The policy appears under the Firewall Policy column in the agent tree.
- Test the firewall on the agent endpoint by attempting to send or receive the type of traffic you configured in the policy.
- To test a policy configured to prevent the agent from accessing the Internet, open a web browser on the agent endpoint. If you configured OfficeScan to display a notification message for firewall violations, the message displays on the agent endpoint when an outbound traffic violation occurs.