fwpro

Firewall Profiles

Firewall profiles provide flexibility by allowing you to choose the attributes that a client or group of clients must have before applying a policy. Create user roles that can create, configure, or delete profiles for specific domains.

Users using the built-in administrator account or users with full management permissions can also enable the Overwrite client security level exception list option to replace the client profile settings with the server settings.

Profiles include the following:

OfficeScan comes with a default profile named "All clients profile", which uses the "All access" policy. You can modify or delete this default profile. You can also create new profiles. All default and user-created firewall profiles, including the policy associated to each profile and the current profile status, display on the firewall profile list on the web console. Manage the profile list and deploy all profiles to OfficeScan clients. OfficeScan clients store all the firewall profiles to the client computer.

  1. For users using the built-in administrator account or users with full management permissions, optionally enable the Overwrite client security level exception list option to replace the client profile settings with the server settings.

  2. To add a new profile, click Add. To edit an existing profile, select the profile name.

  3. A profile configuration screen appears. See Adding and Editing a Firewall Profile for more information.

  4. To delete an existing policy, select the check box next to the policy and click Delete.

  5. To change the order of profiles in the list, select the check box next to the profile to move, and then click Move Up or Move Down.

  6. OfficeScan applies firewall profiles to clients in the order in which the profiles appear in the profile list. For example, if a client matches the first profile, OfficeScan applies the actions configured for that profile to the client. OfficeScan ignores the other profiles configured for that client.

  7. To manage reference servers, click Edit Reference Server List.

  8. Reference servers are computers that act as substitutes for the OfficeScan server when it applies firewall profiles. A reference server can be any computer on the network. OfficeScan makes the following assumptions when you enable reference servers:

    See Reference Servers for more information.

  9. To save the current settings and assign the profiles to clients:

    1. Select whether to Overwrite client security level/exception list. This option overwrites all user-configured firewall settings.

    2. Click Assign Profile to Clients. OfficeScan assigns all profiles on the profile list to all the clients.

  10. To verify that you successfully assigned profiles to clients:

    1. Go to Networked Computers > Client Management. In the client tree view drop-down box, select Firewall view.

    2. Ensure that a green check mark exists under the Firewall column in the client tree. If the policy associated with the profile enables the Intrusion Detection System, a green check mark also exists under the IDS column.

    3. Verify that the client applied the correct firewall policy. The policy appears under the Firewall Policy column in the client tree.

See also: