Displaying and selecting computer firewall profile
Hello,
We recently switched from PM+CS to Elements EPP and for life of my I cannot find where is displayed the currently assigned firewall profile of each computer? The second question: How can we assign certain firewall profile to certain specific computer or groups of computers? Do we really need to clone the whole main profile to achieve this? How those profiles can be then maintained without any hierarchy like in PM?
Answers
-
Hi,
Profile inheritance does not exist in Elements.
To set a firewall profile to a computer, you need to copy a profile and change it.
You can use compare and edit profile feature to help with keeping profiles similar.
0 -
Hello,
Thanks for you comment. Yes, right, there is no hierarchy/inheritance of profiles, but I was wondering if there is some alternative way to handle computer specific firewall rules, because the main profile clone/compare is not really sustainable solution.
Is it also so, that we cannot see the firewall profile name the client is currently using? If automatic selection of firewall profile based on network location is in use, the selected profile should be visible somewhere - it is possible that the network location detection does not work correctly due to incorrect configuration, leading WithSecure client to select wrong firewall profile. There should be a way to detect this.
0 -
Hi,
This setting has firewall profile:
And in main UI , you can see network location :
So you can use all this data to see what is going on on client.
If you want to have several computer specific firewall profiles, then using network locations is one possible way.
You can have one profile and many firewall profiles inside and switch them based on some location rule.
0 -
Hello,
Thanks. Yes, the firewall profile is visible in the client application, but this does not help much the admin who is looking the world from the other end. In PM this is displayed in Status->Overall protection page, but in Elements there seems to be over 100 columns in Devices page, but not the current firewall profile.
You mentioned that network locations can be used for setting computer specific rule. How do you do that? There is no trigger which would bind the computer identity to network location.
0 -
Hi,
If you want a single rule to be enabled, this is not possible. We only allow entire firewall profile to be switched using Network Location. Is this what you want ?
Regarding showing selected firewall profile on portal, I have reached out to our product team. This is a good idea and we will add this if it's missing.
0
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 1 Get Support