Firewall Policies

Firewall policies determine the communication rights of the processes running on the computer. At present, Firewall policies manage communication over TCP/IP.

The basic philosophy behind the Firewall in CMDS is default deny: every process is denied communication rights unless they are explicitly allowed. It is also not possible to create generic rules that allow unknown processes to communicate on specific ports; every rule must be assigned to a specific process or application.

Creating Firewall policies follows the same logic as creating Sandbox Policies. There are three basic building blocks:

  • Firewall Objects - define the protocol, ports, direction
  • Firewall Profiles - associate Firewall Objects with specific IP addresses and a reporting level
  • Firewall Profiles Assignment - assign Firewall Profiles to Application Groups
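
The sketch below is an added illustration, not CMDS code or its configuration format: it models the three building blocks in Python and shows how a default-deny, per-process decision follows from them. All class names, field names, group names, report-level labels and sample values are assumptions constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class FirewallObject:            # protocol, ports, direction
    protocol: str                # "tcp" or "udp"
    ports: range
    direction: str               # "in" or "out"

@dataclass(frozen=True)
class ProfileEntry:              # one line of a Firewall Profile
    obj: FirewallObject
    network: str                 # permitted remote addresses (CIDR)
    report: str                  # reporting level (hypothetical labels)

# Constructed sample policy.
HTTPS_OUT = FirewallObject("tcp", range(443, 444), "out")
DNS_OUT = FirewallObject("udp", range(53, 54), "out")
PROFILES = {
    "browsing": [
        ProfileEntry(HTTPS_OUT, "0.0.0.0/0", "log-denied"),
        ProfileEntry(DNS_OUT, "10.0.0.53/32", "silent"),
    ],
}
APP_GROUPS = {"browsers": {"browser.exe"}}     # group -> member processes
ASSIGNMENTS = {"browsers": ["browsing"]}       # group -> assigned profiles

def evaluate(process, protocol, port, direction, remote_ip):
    """Return (allowed, report_level). Anything not matched is denied."""
    remote = ip_address(remote_ip)
    for group, members in APP_GROUPS.items():
        # Rules are reachable only through a known process: there is no
        # code path that allows a port without naming an application.
        if process.lower() not in members:
            continue
        for profile_name in ASSIGNMENTS.get(group, []):
            for entry in PROFILES[profile_name]:
                o = entry.obj
                if (o.protocol == protocol and port in o.ports
                        and o.direction == direction
                        and remote in ip_network(entry.network)):
                    return True, entry.report
    return False, None           # default deny

if __name__ == "__main__":
    print(evaluate("browser.exe", "tcp", 443, "out", "203.0.113.10"))
    print(evaluate("unknown.exe", "tcp", 443, "out", "203.0.113.10"))
```
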

In This Section

Firewall Configuration Philosophy

Firewall Objects

Firewall Profiles

Assigning Firewall Profiles to Application Groups

See Also

Configuration for Advanced users

General Guidelines

Sandbox Settings in Advanced Mode

IDS Policies

Using CFGPUSH.EXE utility