The
firewall exception template contains policy exceptions that you
can configure to allow or block different kinds of network traffic
based on the Security Agent endpoint's
port number(s) and IP address(es). After creating a policy exception,
edit the policies to which the policy exception applies.
Decide which type of policy exception you want to use. There
are two types:
-
RestrictiveBlocks only specified types of network traffic and applies to policies that allow all network traffic. An example use of a restrictive policy exception is to block Security Agent ports vulnerable to attack, such as ports that Trojans often use.
-
PermissiveAllows only specified types of network traffic and applies to policies that block all network traffic. For example, you may want to permit Security Agents to access only the Apex One server and a web server. To do this, allow traffic from the trusted port (the port used to communicate with the Apex One server) and the port the Security Agent uses for HTTP communication.Security Agent listening port: > . The port number is under Basic Information.Server listening port: . The port number is under Agent Connection Settings.Apex One comes with a set of default firewall policy exceptions, which you can modify or delete.
Default Firewall Policy Exceptions
ActionProtocolPortDirectionDNSAllowTCP/UDP53Incoming and outgoingNetBIOSAllowTCP/UDP137, 138, 139, 445Incoming and outgoingHTTPSAllowTCP443Incoming and outgoingHTTPAllowTCP 80Incoming and outgoingTelnetAllowTCP23Incoming and outgoingSMTPAllowTCP25Incoming and outgoingFTPAllowTCP21Incoming and outgoingPOP3AllowTCP110Incoming and outgoingLDAPAllowTCP/UDP389Incoming and outgoing
 |
NoteDefault exceptions apply to all agents. If you want a default exception to apply only to certain agents, edit the exception and
specify the IP addresses of the agents.
The LDAP exception
is not available if you upgrade from a previous Apex One version. Manually
add this exception if you do not see it on the exception list.
|