This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Creating a firewall policy

Guys,

I'm not very familiar with Sophos products and need some help. I have Sophos Enterprise Console version 4.7.0.13 and Enpoint Security and Control 9.7 I'm trying to buld a new firewall policy from scratch which I plan to roll out to all clients.

I'm following the best practises as laid out by Sophos in the follwoing document (see method 1)

http://www.sophos.com/support/knowledgebase/article/63997.html

I'm logged into the test machine as administrator and configured the firewall to "allow by default" and launched some of our standard applications.

I opened the firewall log and tried creating rules based on these applications. However when I right click an event I'm not presented with the option to create a rule.

Any Ideas?

Thanks in advance for your help.

This thread was automatically locked due to age.

0 QC over 14 years ago

Hello Peter,
you don't create the rules using the firewall log on the client but the Console: View->Firewall Events..., select the appropriate Search period and create the rules from the events listed. Note that this does not clear or remove the events you have already dealt with.
Christian
:14573
Cancel
Vote Up 0 Vote Down

Cancel
0 peter79 over 14 years ago

Christian,
Thanks for your reply it was very helpful. I have some more questions if you dont mind. I see that be default Sophos firewall creates a checksum for each application the problem is that we use a mix of IE6 and IE8 so I assume I will have to create a rule for each version of IE right?
Thanks.
:14579
Cancel
Vote Up 0 Vote Down

Cancel
0 QC over 14 years ago

Application rules are by name - but a name can have several checksums (and versions) associated. IIRC it is not possible to create a different set of rules for different ~~versions~~ checksums.
Christian
:14583
Cancel
Vote Up 0 Vote Down

Cancel