Firewall Policy Parent topic

The Mobile Security firewall protects mobile devices on the network using stateful inspection, high performance network traffic control and the intrusion detection system (IDS). You can create rules to filter connections by IP address, port number, or protocol, and then apply the rules to mobile devices in specific Mobile Security groups.
Note
Note
Trend Micro recommends uninstalling other software-based firewall applications on mobile devices before deploying and enabling Mobile Security firewall. Multiple vendor firewall installations on the same computer may produce unexpected results.
To configure firewall policy settings, click Policies, then click the policy name, and then click Firewall Policy.
A firewall policy includes the following:
  • Firewall Policy: Enable/Disable the Mobile Security firewall and the IDS. Also includes a common policy that blocks or allows all inbound and/or all outbound traffic on mobile devices
    • Enable Intrusion Detection System (IDS): The Mobile Security firewall integrates the Intrusion Detection System (IDS) and helps prevent SYN Flood attacks (a type of Denial of Service attack) where a program sends multiple TCP synchronization (SYN) packets to a computer, causing the mobile device to continually send synchronization acknowledgment (SYN/ACK) responses. This can exhaust system resource and may leave mobile devices unable to handle other requests.
    • Security level: The Mobile Security firewall comes with three pre-defined security levels that allow you to quickly configure firewall policies. These security levels limit network traffic based on traffic directions.
      • Low—allow all inbound and outbound traffic.
      • Normal—allow all outbound traffic but block all inbound traffic.
      • High—block all inbound and outbound traffic.
  • Exception: Exception rules include more specific settings to allow or block different kinds of traffic based on mobile device port number(s) and IP address(es). The rules in the list override the Security level policy.
    Exception rule settings include the following:
    • Action—blocks or allows/logs traffic that meets the rule criteria
    • Direction—inbound or outbound network traffic on mobile devices
    • Protocol—type of traffic: TCP, UDP, ICMP
    • Port(s)—ports on the mobile devices on which to perform the action
    • IP addresses—IP addresses of network devices to which the traffic criteria apply