Adding a Firewall Profile

  1. Go to Agents > Firewall > Profiles.
  2. Select to add or modify a profile.
    • Click Add to create a new profile.

    • Click the Name of an existing profile to modify settings.

  3. Select Enable this profile to allow Apex One to deploy the profile to Security Agents.
  4. In the Profile Settings section, configure the following:
    • Name: Type a unique name for the profile.

    • Description: (Optional) Type a description for the profile.

    • Policy: Select a preexisting Apex One Firewall policy to apply to the profile.

      For more information, see Firewall Policies.

    • Select the criteria the Apex One Firewall uses to define the Security Agents to which the profile applies.

      Criteria

      Description

      Endpoint

      Select to apply the profile to Security Agents selected from the agent tree.

      Click Select Endpoints from Agent Tree to open the Firewall Profile Settings screen. Select the required Security Agents and click Select.

      Platform

      Select to apply the profile to specific operating system types.

      • Supported Windows Server platforms

      • Supported Windows desktop platforms

      For a list of supported operating systems, see the System Requirements document.

      Logon name

      Select to apply the profile to specific users logged on to endpoints.

      Specify the logon name for particular users. The Apex One Firewall applies the profile on Security Agents on which the specified users logged on.

      NIC description

      Select to apply the profile to endpoints using specific Network Interface Cards (NIC).

      Type a full or partial NIC description.

      Tip:

      Trend Micro recommends typing the NIC card manufacturer because NIC descriptions typically start with the manufacturers name. For example, if you type "Intel", all Intel-manufactured NICs satisfy the criteria. If you type a particular NIC model, such as "Intel(R) Pro/100", only NIC descriptions that start with "Intel(R) Pro/100" satisfy the criteria.

      Agent location

      Select to apply the profile based on the Security Agent connection status.

      • Internal - Security Agents can connect to a configured reference server

        Note:

        Click Edit reference server list to configure location settings.

        For more information, see Reference Servers.

      • External - Security Agents cannot connect to a configured reference server

  5. In the User Privileges section, configure the following:
    • Allow user to change security level: Select to allow users to define the Apex One Firewall security level using the Security Agent console

    • Allow user to edit policy exceptions: Select to allow users to define custom Apex One Firewall policy exceptions using the Security Agent console

    Important:

    Only Security Agents with the Display the Firewall settings on the Security Agent console privilege display the firewall settings on the Security Agent console.

  6. Click Save.

    The profile displays in the Firewall Profiles list.

  7. Click Apply Profiles to Agents to send the updated profiles to Security Agents.