Firewall Privileges

Allow users to configure their own firewall settings. All user-configured settings cannot be overridden by settings deployed from the OfficeScan server. For example, if the user disables Intrusion Detection System (IDS) and you enable IDS on the OfficeScan server, IDS remains disabled on the OfficeScan agent endpoint.

Enable the following settings to allow users to configure the firewall.

Table 1. Firewall Privileges

Privilege

Description

Display the Firewall settings on the OfficeScan agent console

The Firewall option displays all firewall settings on the OfficeScan agent.

Allow users to enable/disable the firewall, Intrusion Detection System, and the firewall violation notification message

The OfficeScan firewall protects agents and servers on the network using stateful inspection, high performance network virus scanning, and elimination. If you grant users the privilege to enable or disable the firewall and its features, warn them not to disable the firewall for an extended period of time to avoid exposing the endpoint to intrusions and hacker attacks.

If you do not grant users the privileges, the firewall settings you configure from the OfficeScan server web console display under Network card list on the OfficeScan agent console.

Allow agents to send firewall logs to the OfficeScan server

Select this option to analyze traffic the OfficeScan firewall blocks and allows.

For details about firewall logs, see Firewall Logs.

If you select this option, configure the log sending schedule in Agents > Global Agent Settings. Go to the Firewall Settings section. The schedule only applies to agents with the firewall log sending privilege. For instructions, see Global Firewall Settings.