The firewall can block or allow certain types of network traffic by creating a
barrier between the client and the network. Additionally, the firewall will identify
patterns in
network packets that may indicate an attack on clients.
Worry-Free Services has two
options to choose from when configuring the firewall: simple mode and advanced mode.
Simple mode
enables the firewall with the Trend Micro recommended default settings. Use advanced
mode to
customize the firewall settings.
 |
TipTrend Micro recommends uninstalling other software-based firewalls before
deploying and enabling the Trend Micro firewall.
|
Default Firewall Simple Mode Settings
The firewall provides default settings to give you a basis for initiating your
client firewall protection strategy. The defaults are meant to include common conditions
that may
exist on clients, such as the need to access the Internet and download or upload files
using
FTP.
 |
NoteBy default, Worry-Free Services
disables the firewall on all new groups and Security Agents.
|
Default Firewall Settings
|
Settings
|
Status
|
|
Security Level
|
Low
Inbound and outbound traffic allowed, only network viruses blocked.
|
|
Intrusion Detection System
|
Disabled
|
|
Alert Message (send)
|
Disabled
|
Default Firewall Exceptions
|
Exception Name
|
Action
|
Direction
|
Protocol
|
Port
|
|
DNS
|
Allow
|
Incoming and outgoing
|
TCP/UDP
|
53
|
|
NetBIOS
|
Allow
|
Incoming and outgoing
|
TCP/UDP
|
137, 138, 139, 445
|
|
HTTPS
|
Allow
|
Incoming and outgoing
|
TCP
|
443
|
|
HTTP
|
Allow
|
Incoming and outgoing
|
TCP
|
80
|
|
Telnet
|
Allow
|
Incoming and outgoing
|
TCP
|
23
|
|
SMTP
|
Allow
|
Incoming and outgoing
|
TCP
|
25
|
|
FTP
|
Allow
|
Incoming and outgoing
|
TCP
|
21
|
|
POP3
|
Allow
|
Incoming and outgoing
|
TCP
|
110
|
Traffic Filtering
The firewall
filters all incoming and outgoing traffic, providing the ability to block certain
types of traffic
based on the following criteria:
-
Direction (inbound/outbound)
-
Protocol (TCP/UDP/ICMP)
-
Destination ports
-
Destination computer
Scanning for Network Viruses
Stateful Inspection
The firewall is a stateful inspection firewall; it monitors all connections to
the client and remembers all connection states. It can identify specific conditions
in any
connection, predict what actions should follow, and detect disruptions in a normal
connection.
Therefore, effective use of the firewall not only involves creating profiles and policies,
but also
analyzing connections and filtering packets that pass through the firewall.
Firewall Driver
The Firewall Driver, in conjunction with the user-defined settings of the
firewall, blocks ports during an outbreak. The Firewall Driver also uses the Network
Virus Pattern
file to detect network viruses.