Adding a Firewall Policy

  1. Go to Agents > Firewall > Policies.
  2. Choose whether to add, copy, or modify a policy:
    • Click Add to create a new policy.

    • Select an existing policy and click Copy to open the Copy Policy screen. Modify the policy settings as required.

    • Click the Policy Description of an existing policy to modify settings.

  3. In the Firewall Policy section, configure the following:
    • Name: Specify a unique name for the Apex One Firewall policy.

    • Security level: Select from High, Medium, or Low to determine the type of traffic that the Apex One Firewall allows or blocks.

      Note:

      The Apex One Firewall automatically allows or blocks connections through the ports specified in the Exception Template list.

      For more information, see Editing the Apex One Firewall Exception Template List.

  4. In the Firewall Features section, configure the following:
    • Enable firewall: Select to activate the Apex One Firewall for this policy.

    • Enable Intrusion Detection System (IDS): Select to attempt to identify patterns in network traffic that may indicate an attack.

      For more information, see Intrusion Detection System.

    • Display a notification when a Firewall violation is detected: Select to display a notification on the Security Agent when the Apex One Firewall blocks an outgoing packet.

      Important:

      If you grant users the permission to configure Apex One Firewall settings using the Security Agent console, you cannot use the Apex One web console to override the settings that the user configures.

      The information under Settings on the Security Agent console's Firewall tab always reflects the settings configured from the Security Agent console, not from the server web console.

  5. In the Certified Safe Software List section, configure the following:
    • Enable the local Certified Safe Software List: Select to allow network traffic to applications that Trend Micro has verified to be safe, using the local pattern.

      • Enable the global Certified Safe Software List (Internet access required): Select to allow network traffic to applications that Trend Micro has verified to be safe, using the dynamically updated, cloud-based pattern.

        Important:

        Querying the global Certified Safe Software List requires that you enable both the Unauthorized Change Prevention Service and the Certified Safe Software Service.

  6. In the Exception section, manage the Exception Template List that applies to this policy only.

    The Apex One Firewall automatically populates the Exceptions List with the Exception Template List entries. If you add, modify, or delete any exception in the policy Exceptions List, the changes apply only to the current policy, not to the Exception Template List.

    For more information about adding exceptions, see Adding a Firewall Policy Exception (follow the instructions from step 3).

  7. Click Save.