Firewall Privileges

Allow users to configure their own firewall settings. All user-configured settings cannot be overridden by settings deployed from the Apex One server. For example, if the user disables Intrusion Detection System (IDS) and you enable IDS on the Apex One server, IDS remains disabled on the Security Agent endpoint.

Enable the following settings to allow users to configure the firewall.

Table 1. Firewall Privileges

Privilege

Description

Display the Firewall settings on the Security Agent console

The Firewall option displays all Firewall settings on the Security Agent.

Allow users to enable/disable the firewall, Intrusion Detection System, and the firewall violation notification message

The Apex One Firewall protects agents and servers on the network using stateful inspection, high performance network virus scanning, and elimination. If you grant users the privilege to enable or disable the firewall and its features, warn them not to disable the firewall for an extended period of time to avoid exposing the endpoint to intrusions and hacker attacks.

If you do not grant users the privileges, the Firewall settings you configure from the Apex One server web console display under Network card list on the Security Agent console.

Allow agents to send firewall logs to the Apex One server

Select this option to analyze traffic the Apex One firewall blocks and allows.

For details about firewall logs, see Firewall Logs.

If you select this option, configure the log sending schedule in Agents > Global Agent Settings on the Security Settings tab. Go to the Firewall Settings section. The schedule only applies to agents with the firewall log sending privilege. For instructions, see Global Firewall Settings.