To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Firewall rule settings in Policy Manager. Setting application path

Options
technika
technika W/ Member Posts: 1 Security Scout
in WithSecure Business Suite

Is it possible to use wildcards like * in Application Scope > Application path when creating Firewall rules in F-Secure Policy Manager v15.3.96305?

image.png

The problem is constantly changing paths like:

C:\Program Files\Google\Drive File Stream\78.0.1.0\googledrivefs.exe

where version number changes from time to time. So we would like to be able to use something like:

C:\Program Files\Google\Drive File Stream\*\googledrivefs.exe instead

Tagged:

Answers

  • Sethu Laks
    Sethu Laks W/ Partner, W/ Staff, W/ Moderator Posts: 221 Moderator
    Options

    Hi @technika

    Thank you for reaching out the WithSecure Community.

    One common question that arises when configuring firewall rules in Policy Manager is whether wildcards (*) can be used. Unfortunately, the answer is no. Wildcards are not supported as a function within our Policy Manager.

    It's important to note that this functionality essentially acts as a messenger service between the policy manager and the Windows firewall itself.

    Unfortunately, since Windows firewall does not allow the usage of wildcards in its configuration, we are unable to support them within our Policy Manager either.

    We understand that this limitation may pose some challenges when setting up your desired firewall rules, but rest assured that our team is continuously working on enhancing and improving our services based on customer feedback.

    However, at the moment, when defining the remote endpoint for a firewall rule, it can be either a single host, network, or even a comma-separated list of hosts and/or networks. The supported endpoint notations are as follows:

    Hosts:

    • IPv4 or IPv6 address (e.g., 172.16.0.1 or FE80::BDED:BF85:BE17:B715)
    • DNS name (e.g., www.withsecure.com)
    • "[mydns]" - Referring to My DNS servers

    Networks:

    • IPv4 or IPv6 address range (e.g., 172.16.0.0-172.16.255.255 or 21DA:D3:0:2F3B::-21DA:D3:0:2F3B:FFFF:FFFF:FFFF)
    • IPv4 or IPv6 address with subnet prefix length (e.g., 172.16.0/16 or 21DA:D3::/64)
    • "[mynetwork]" - Referring to My local networks

    If you have any further questions regarding this matter or require additional assistance with your firewall configurations, please do not hesitate to reach out to our support team or here in the community page. We are here to help.

    Thank you for being a valued member of our community. We appreciate your understanding and cooperation.

    Best regards,
    Sethu
    Community Moderator | Technical Support Engineer
    WithSecure™ https://www.withsecure.com/en/home

Categories