fwpol
Firewall policies allow you to block or allow certain types of network traffic not specified in a policy exception. A policy also defines which firewall features get enabled or disabled. Assign a policy to one or multiple firewall profiles.
OfficeScan comes with a set of default policies, which you can modify or delete.
With Active Directory integration and role-based administration, each user role, depending on the permission, can create, configure, or delete policies for specific domains.
The default firewall policies are as follows:
|
Default Firewall Policies |
|
Policy Name |
Security Level |
Client Settings |
Exceptions |
Recommended Use |
|
Low |
Enable firewall |
None |
Use to allow clients unrestricted access to the network |
|
|
Cisco Trust Agent for Cisco NAC |
Low |
Enable firewall |
Allow incoming and outgoing UDP traffic through port 21862 |
Use when clients have a Cisco Trust Agent (CTA) installation |
|
Communication Ports for Trend Micro Control Manager |
Low |
Enable firewall |
Allow all incoming and outgoing TCP/UDP traffic through ports 80 and 10319 |
Use when clients have an MCP agent installation |
|
ScanMail for Microsoft Exchange console |
Low |
Enable firewall |
Allow all incoming and outgoing TCP traffic through port 16372 |
Use when clients need to access the ScanMail console |
|
InterScan Messaging Security Suite (IMSS) console |
Low |
Enable firewall |
Allow all incoming and outgoing TCP traffic through port 80 |
Use when clients need to access the IMSS console |
Also create new policies if you have requirements not covered by any of the default policies.
All default and user-created firewall policies display on the firewall policy list on the web console.
To configure the firewall policy list:
Networked Computers > Firewall > Policies
To add a new policy, click Add. If the new policy you want to create has similar settings with an existing policy, select the existing policy and click Copy.
To edit an existing policy, click the policy name.
A policy configuration screen appears. See Adding or Modifying a Firewall Policy for more information.
To delete an existing policy, select the check box next to the policy and click Delete.
To edit the firewall exception template, click Edit Exception Template. The Exception Template Editor appears. See Editing the Firewall Exception Template for more information.
See also: