Configuring Firewall Exceptions

Use the Firewall Exception List to allow or deny different kinds of network traffic based on endpoint port numbers and IP addresses. During an outbreak, Worry-Free Services applies the exceptions to the Trend Micro policies that are automatically deployed to protect your network.

For example, during an outbreak, you may choose to block all endpoint traffic, including the HTTP port (port 80). However, if you still want to grant the blocked endpoints access to the Internet, you can add the web proxy server to the exception list.

  1. Go to the Configure Policy screen by performing one of the following:
    • Classic Mode: Go to SECURITY AGENTS and select a group. Click > Configure Policy.

    • Advanced Mode: Go to POLICIES > Policy Management. Click Add or click an existing policy.

  2. Click Windows.
  3. Go to Firewall.
  4. Select Advanced Mode and go to the Exception List section.
  5. To add an exception:
    1. Click Add.
    2. Type the name for the exception.
    3. Select the action to take on network traffics that meet the exception criteria.
    4. Select the traffic direction to apply the exception settings.
    5. Select the type of network protocol to apply the exception settings.
    6. Specify the endpoint ports to take the action.
    7. Specify the endpoint IP addresses to include in the exception.

      For example, if you choose to deny all inbound and outbound network traffic and specify the IP address for a single endpoint on the network, then any endpoint that applies this exception setting cannot send or receive data to or from that IP address.

      • All IP addresses

      • Single IP: Type an IPv4 or IPv6 address.

      • IP range: Type an IPv4 or IPv6 address range.

    8. Click OK.
  6. To view or edit an exception, click a name in the exception list.
  7. To reorder the exception list, drag an exception to a different row.
  8. To delete an exception, point to the exception and click in the last column of the list.