Firewall rule settings in Policy Manager. Setting application path

technika · 2023-07-27T11:58:28+00:00

There was an error rendering this rich post.

Is it possible to use wildcards like * in Application Scope > Application path when creating Firewall rules in F-Secure Policy Manager v15.3.96305?

The problem is constantly changing paths like:

C:\Program Files\Google\Drive File Stream\78.0.1.0\googledrivefs.exe

where version number changes from time to time. So we would like to be able to use something like:

C:\Program Files\Google\Drive File Stream\*\googledrivefs.exe instead

Find more posts tagged with

Firewall

Accepted answers

All comments

Sethu Laks

Hi @technika

Thank you for reaching out the WithSecure Community.

One common question that arises when configuring firewall rules in Policy Manager is whether wildcards (*) can be used. Unfortunately, the answer is no. Wildcards are not supported as a function within our Policy Manager.

It's important to note that this functionality essentially acts as a messenger service between the policy manager and the Windows firewall itself.

Unfortunately, since Windows firewall does not allow the usage of wildcards in its configuration, we are unable to support them within our Policy Manager either.

We understand that this limitation may pose some challenges when setting up your desired firewall rules, but rest assured that our team is continuously working on enhancing and improving our services based on customer feedback.

However, at the moment, when defining the remote endpoint for a firewall rule, it can be either a single host, network, or even a comma-separated list of hosts and/or networks. The supported endpoint notations are as follows:

Hosts:

IPv4 or IPv6 address (e.g., 172.16.0.1 or FE80::BDED:BF85:BE17:B715)
DNS name (e.g., www.withsecure.com)
"[mydns]" - Referring to My DNS servers

Networks:

IPv4 or IPv6 address range (e.g., 172.16.0.0-172.16.255.255 or 21DA:D3:0:2F3B::-21DA:D3:0:2F3B:FFFF:FFFF:FFFF)
IPv4 or IPv6 address with subnet prefix length (e.g., 172.16.0/16 or 21DA:D3::/64)
"[mynetwork]" - Referring to My local networks

If you have any further questions regarding this matter or require additional assistance with your firewall configurations, please do not hesitate to reach out to our support team or here in the community page. We are here to help.

Thank you for being a valued member of our community. We appreciate your understanding and cooperation.

Best regards,
Sethu
Community Moderator | Technical Support Engineer
WithSecure™ https://www.withsecure.com/en/home