Faronics Deploy Docs
Deploy HomeDeploy Sign inSubmit a ticket
  • About Faronics Deploy
  • Highlights
    • Top 10 Trending Topics
    • What's New?
  • Getting Started
    • Quick Start Guide
      • System Requirements
      • Initial Setup and Configuration
        • Sign Up - Create a Faronics Deploy Account
        • Download and Install Deploy Agents
          • Windows Install Guide
            • Download MSI Installer to Deploy via Active Directory
          • Mac Install Guide
        • Login to Deploy for the First Time
        • Configure User Profile and Organization Settings
          • How to Configure your User Profile
          • How to Configure your Organization Settings
        • Add Administrators - Invite your Team and Assign Roles
        • Manage Tags
          • Apply a Tag
    • Navigating the User Interface
      • Deploy User Interface Views
        • Control Grid
          • Dashboard View
          • Applications View
          • Windows Updates View
          • OS Deployment View
          • Anti-Virus View
          • Inventory View
          • Policies View
        • Analytics
          • Applications View
          • Usage Reports View
          • Windows Updates Status View
          • Anti-Virus Reports View
          • Deploy Diagnostics View
        • Tickets View
        • Tasks View
      • Using the Control/Smart Grids
      • Using the Action Toolbar
      • Computer States and Actions
        • Handling Offline Computers
        • Wake-On-LAN
          • Designate Last Man Standing (LMS) computers
      • Light Mode/Dark Mode View
  • Feature Definitions and Glossary
  • Action Toolbar
  • App Preset
  • Custom App
  • Policies (Windows)
  • Policies (macOS)
  • Policy Update Mode
  • Application Management
    • Applications Overview
    • Navigating the Applications Control Grid
    • Cache Server: Save Bandwidth
    • Groups Configuration
      • Create a Group
      • Delete a Group
      • Add Computer(s) to a Group
        • Assign a Computer to a Group via the Deploy Agent Download and Install
        • Assign Computers to a Group After they Appear in the Dashboard
        • Group Computers Using a Naming Convention
        • Group Computers Based on Criteria in Inventory
      • Perform Actions on a Group of Computers
        • Perform Actions via the Action Toolbar on a Group of Computers
    • Install, Uninstall & Update Applications
      • Install Application(s)
        • Install Built-In Application(s)
        • Install an Application on All Computers in Deploy
        • Install an Application Using Winget
          • Enable and Install Winget
          • Install an Application Using the Winget Tool
        • Install an External Application (Custom App)
          • Create and Install a Custom App
            • Hosting a Custom App - URL or Network Path
          • Edit a Custom App
          • Copy a Custom App
          • Request Assistance From a Deployment Specialist
          • Example: Installing MS Office 365 as a Custom App
        • Install a Pre-Defined Group of Applications (App Presets)
          • Create an App Preset
          • Install an App Preset
          • Manage App Presets
        • Install an Application on a Group of Computers
        • Schedule an Install of Application(s)
          • Schedule an Install of an Application
          • Schedule an Install of Multiple Applications
      • Uninstall Application(s)
        • Uninstall an Application From a Group of Computers
        • Uninstall an Application From all Computers
        • Schedule an Uninstall
      • Update Application(s)
        • Performing Updates On-Demand
        • Update via Apps with Recent Updates Grid
        • Update Applications Using Policy Modes
    • Application Management for macOS
      • Install Application on macOS
        • Install Built-In Application(s) on macOS
        • Install a Custom App (External) on macOS
          • Create and Install a Custom App on macOS
      • Update an Application on macOS
      • Uninstall Application on macOS
      • Shell Scripts on macOS
  • WINDOWS UPDATES
    • Navigating the Windows Updates Control Grid
  • Manual Windows Updates Approval
    • Manually Approve All Windows Updates for All Computers (Install All Updates)
    • Manually Install Windows Updates on a Group of Computers
    • Manually Approve a Windows Update Category (in a Policy) for all Computers
    • Manually Approve an Individual Windows Update in a Policy for All Computers
    • Manually Approve or Deny Individual Windows Updates via Pending Windows Updates
    • Patch Scan (On-Demand)
  • Automated Windows Updates Approval
    • Automated Windows Updates Using Policies
    • Automated Windows Updates Use Case: Testing Patches
    • Patch Scan (Using a Policy)
  • OS DEPLOYMENT
    • Navigating the OS Deployment Control Grid
    • Imaging Utility Requirements
    • Getting Images Ready for Deployment
      • Loading Images from ISO Files
        • Download and Install the Faronics Deploy Imaging Server Tool
        • Loading ISO Image Files via the Faronics Deploy Imaging Tool
      • Building Images for Deployment - Template Machine
    • Capturing Images
    • Deployment Packages
      • Deployment Package Install Settings
    • Post Imaging Actions
    • USB Media Creator
      • Generate a Portable USB Creator (Used to Create a Recovery USB Drive)
      • Create a Recovery USB Flash Drive from a Portable USB Creator
    • Inject Drivers into the boot.wim File
    • Abort the Sysprep Task
  • OS MANAGEMENT
  • OS Management Overview
  • Create a Configuration
    • System and Security
    • Network and Internet
    • Hardware
    • User Accounts
    • Appearance and Personalization
    • Clock and Region
    • Ease of Access
    • Others
  • Apply a Configuration to a Group of Computers
  • Custom Scripts - PowerShell, VB, Batch, Executable [.exe]
    • Custom Scripts Library
      • Quick Guide to Self-Hosting Custom Scripts
      • Send Message
      • Rename Multiple Computers
      • Show All Notification Icons
      • Hide Task View
      • Hide Recent Apps
      • Hide People Taskbar
      • Disable Cortana
      • Google Chrome Ad Blocker Extension
        • Create a Custom Script to Install any Google Chrome Extension
      • Uninstall Windows Updates
      • Auto Logon
      • Disable the UltraVNC System Tray Icon
      • Install Printer Driver Silently
  • Policies - Scheduling and Automation
    • Update modes - Automatic, Scheduled, Adhoc
    • Create a Policy
      • Create a Windows Policy
      • Create a macOS Policy
      • Create a New Policy (MDM)
        • Global Settings (MDM)
    • Maintenance Mode
    • End-User Experience: Defer Updates and Reboots
    • Protecting the Deploy Agent
  • ANTI-VIRUS & FIREWALL
    • Faronics Anti Virus & Firewall Protection Configuration
      • Anti-Virus Settings
      • Firewall Settings
      • Computer Settings
  • Upgrade Anti-Virus Software
  • Restore or Delete Quarantined Files
  • INVENTORY
    • Inventory
      • View Details
    • Organize Computers Using Inventory Data
    • Retrieve MSInfo Reports Using the Deploy Console
    • Inventory Data Update - Heartbeat + On-Demand
    • Quickly View Installed Applications
    • Organize Inventory by Active Directory Group Membership / Organization User Membership
  • ANALYTICS
    • Usage Statistics Reports
      • Application Usage Report
      • Application Update Status Report
      • Installed Applications Report
      • Computer Usage Report
      • Login Summary Report
      • Windows Update Status Report
  • REMOTE ACCESS - RDP / VNC
    • Remote Access Requirements - Ports and Networking
    • Remote Pro
    • VNC - Initial Setup
    • Using VNC - Virtual Network Computing
    • Using RDP - Remote Desktop Protocol
    • Remote View the Screen of a Computer (Configure Refresh Rate & Monitor Selection)
  • TASKS
    • Task History
    • Scheduled Tasks
      • Assign a Scheduled Task
      • Delete a Recurring Scheduled Task
      • Cancel a One Time or Recurring Scheduled Task
    • Schedule a One Time Task
    • Schedule a Recurring Task
    • Schedule a Custom Script to Run on Every Reboot
  • Help Desk Tickets
    • Enabling Ticketing
      • Enable Ticketing for Your Organization
        • Enable Email Alerts for Incoming Tickets
      • Enable Ticketing for a User
      • Ticketing Emails
    • Ticket Actions
      • Create a Ticket
      • Edit a Ticket
      • Add a Note to a Ticket
      • Assign Ticket (To a User)
      • Assign Owner (To a Ticket)
      • Change Status of a Ticket (Open, In Progress, Closed)
      • Download a File Attached to a Ticket
      • View a Ticket
      • View History
      • Export a Report of All Tickets to a CSV File
      • Remote Access a Computer via a Ticket
    • Ticketing - Mapping Email IDs
    • Fair Use Policy - Ticketing
  • User Management
    • User Roles
    • Add Users
      • Add a User via Email
      • Add a User/Group via Active Directory
    • Configure SAML (Verify Users for External Applications)
  • Organization Settings
    • 2FA - Two Factor Authentication
    • Accessibility
  • Mobile Device Management
    • Overview
    • Device Configuration
      • MDM Set up
      • Enroll Standard Device
        • Mobile Browser
        • iOS App
        • Apple Configurator
        • Email
      • Enroll Lite Device
    • Apple Devices
    • Apple Lite Devices
    • Apps & Docs
      • Applications
      • Shared Documents
    • Settings
      • Networks
      • Personalization
      • Accounts
    • Device Actions
    • Action Toolbar
Powered by GitBook
On this page
  • Configuring Firewall Settings and Rules
  • Configuring Program Rules
  • Configuring Network Rules
  • Configuring Advanced Rules
  • Configuring Trusted Zones
  1. ANTI-VIRUS & FIREWALL
  2. Faronics Anti Virus & Firewall Protection Configuration

Firewall Settings

PreviousAnti-Virus SettingsNextComputer Settings

Last updated 4 years ago

Configuring Firewall Settings and Rules

The Firewall can be enabled/disabled and configured in a Windows Policy. To enable Firewall settings, you must first enable Anti-Virus in a Windows Policy.

See for a guide on how to create a Windows Policy and enable the Anti-Virus protection.

Firewall Protection Settings

Firewall Protection Settings

Options

Description

Enable Firewall Protection

Firewall protection prevents hackers or malicious software from gaining access to your computer.

Allow user to disable firewall.

Checking this box disables the firewall.

Enable firewall logging.

Checking this box enables logs to be generated and stored by the firewall.

1. Select Anti-Virus from the left menu.

2. Click Firewall Protection.

3. Under Firewall Protection Settings, enable/disable the Firewall Protection.

4. If the Firewall Protection is enabled, decide if you want to Allow user to disable Firewall by selecting the box (default setting is enabled).

5. If the Firewall Protection is enabled, decide if you want to Enable/Disable Firewall Logging by selecting the box (default setting is disabled).

If this is the only setting you are configuring, click SAVE; otherwise, proceed to the next settings.

Configuring Program Rules

Next, you will need to define the Program Rules.

Program Rules define the action taken by the firewall on the network activity to and from the application. Program Rules have priority over the default rules. Default rules can be edited but cannot be deleted.

6. Expand the Program Rules; this will present a list of default Firewall Rules. You can edit these rules, but they cannot be deleted.

7. To edit a rule, select the Allow/Block field that you wish to update, then select either Allow or Block from the drop-down list that appears.

8. To add a new Firewall Rule, click the + button on the top right. The Add a Rule screen will now appear.

9. Enter a Name for your new Firewall Rule.

10. Enter the Program name to be added to the Firewall Rule, including its full path.

11. Select Allow or Block for Trusted Zone Inbound.

12. Select Allow or Block for Trusted Zone Outbound.

13. Select Allow or Block for UnTrusted Zone Inbound.

14. Select Allow or Block for UnTrusted Zone Outbound.

15. Click OK; this will return you to the previous screen.

If this is the only setting you are configuring, click SAVE; otherwise, proceed to the next settings.

Configuring Network Rules

Network Rules define the action taken by the Firewall on the network activity. All Network Rules are pre-configured; they can be edited but cannot be deleted.

16. Click Network Rules to expand the view.

17. Select a Trusted or UnTrusted Zone to edit, then select either Allow or Block from the drop-down list.

If this is the only setting you are configuring, click SAVE; otherwise, proceed to the next settings.

Configuring Advanced Rules

Advanced Rules are processed in the order in which they are listed. Pre-defined Advanced Rules are generated for you, and any user-defined advanced rules will take precedence over the Pre-defined Advanced Rules.

18. Click Advanced Rules to expand the view.

19. To add a new Advanced Rule, click the + button on the top right. The Add an Advanced Rule screen will now appear.

20. Enter a Name for your new rule (UDP Block Outgoing in this example).

21. Either enter a Program name or leave it blank to apply the rule to all Programs.

22. Select an Action, Allow or Block from the drop-down list (Block in this example).

23. Select a direction In, Out, or Both (Out in this example).

24. Select the Protocol Type and click ADD; you can add multiple protocol types.

25. Select a Local Port, either All Ports or Specified Ports.

26. If Specified Ports was selected above, then enter the port(s) here.

27. Select a Remote Port, either All Ports or Specified Ports.

28. If Specified Ports was selected above, then enter the port(s) here.

29. Click OK; this will return you to the previous screen.

If this is the only setting you are configuring, click SAVE; otherwise, proceed to the next settings.

Configuring Trusted Zones

Trusted Zones specify computers, networks, and safe IP addresses. Trusted Zone and Internet (Non-Trusted) can be treated differently by Application and Network Rules.

30. Click Advanced Rules to expand the view.

31. To add a new Trusted Zone, click the + button on the top right. The Add Trusted Zone screen will now appear.

A Trusted Zone can be either a home or work Network or a Specific Computer.

32. Enter a Name for the new Trusted Zone (Seattle Network in this example).

33. Enter a Description for the new Trusted Zone.

34. Select the Address Type, either Network or IP Address (Network in this example).

If you select IP Address a Mask is not needed.

35. Enter the IP Address for the Network.

36. Enter the Mask for the Network (If you selected IP Address in step 34, you would not see the Mask option).

37. Click OK.

Once saved, to make any changes to this configuration, navigate to the Policies tab, then locate the Policy by name in the grid, select it and click the EDIT POLICY button on the top menu bar.

The new Policy's Firewall Settings have been configured. If this is the only or final setting you are configuring, click SAVE; otherwise, proceed to the next settings ().

Computer Settings
Anti-Virus Settings
Firewall Settings
Configure Program Rules for the Firewall
Add a Rule
Configure Network Rules
Configuring Advanced Rules
Adding Advanced Rules
Add a Trusted Zone