Apex One Firewall Overview

The Apex One Firewall protects Security Agents and servers on the network using stateful inspection and high performance network virus scanning. Through the central management console, you can create rules to filter connections by application, IP address, port number, or protocol, and then apply the rules to different groups of users.

The following table describes the features provided by the Apex One Firewall.

Feature

Description

Traffic filtering

The Apex One Firewall filters all incoming and outgoing traffic, providing the ability to block certain types of traffic based on the following criteria:

  • Direction (inbound/outbound)

  • Protocol (TCP/UDP/ICMP/ICMPv6)

  • Destination ports

  • Source and destination endpoints

Application filtering

The Apex One Firewall filters incoming and outgoing traffic for applications specified in the Firewall Exception List, allowing these applications access to the network. The availability of network connections depends on the policies set by the administrator.

Certified Safe Software List

The local Certified Safe Software List contains a list of applications that can bypass firewall policy security levels. The Apex One Firewall automatically allows applications in the Certified Safe Software List to run and access the network.

You can also allow Security Agents to query the dynamically-updated global Certified Safe Software List hosted on Trend Micro servers.

Important:

Querying the global Certified Safe Software List requires that you enable both the Unauthorized Change Prevention Service and the Certified Safe Software Service.

Network virus detection

The Apex One Firewall examines all network packets for network viruses.

Stateful inspection

The Apex One Firewall uses stateful inspection to monitors and remember all connections and connection states to the Security Agent. The Apex One Firewall can identify specific conditions in any connection, predict what actions should follow, and detect disruptions in normal connections. Therefore, effective use of the firewall not only involves creating profiles and policies, but also analyzing connections and filtering packets that pass through the firewall.

Intrusion Detection System

The Intrusion Detection System (IDS) helps identify patterns in network packets that may indicate an attack on the endpoint.

For more information, see Intrusion Detection System.