Views:

  1. Go to Devices.
  2. Select a desktop or server group.
  3. Click Configure Policy.

    Configure Policy

    Click the image to enlarge.

  4. Click Firewall > In Office or Out of Office.
  5. Select Enable Firewall > Advanced Mode.

    Firewall - Advanced Mode

    Click the image to enlarge.

  6. To add an exception:
    1. Click Add.
    2. Type the name for the exception.
    3. Next to Action, click one of the following:
      • Allow all network traffic
      • Deny all network traffic
    4. Next to Direction, click Inbound or Outbound to select the type of traffic to which to apply the exception settings.
    5. Select the type of network protocol from the Protocol list:
      • All
      • TCP/UDP (default)
      • TCP
      • UDP
      • ICMP
      • ICMPv6
    6. Click one of the following to specify client ports:
      • All ports (default)
      • Range: type a range of ports
      • Specified ports: specify individual ports. Use a comma "," to separate port numbers.
    7. Under Machines, select client IP addresses to include in the exception. For example, if you select Deny all network traffic (Inbound and Outbound) and type the IP address for a client on the network, then any client that has this exception in its policy will not be able to send or receive data to or from that IP address. Click one of the following:
      • All IP addresses (default)
      • Single IP: Type an IPv4 or IPv6 address, or a host name. To resolve the client host name to an IP address, click Resolve.
      • IP range (for IPv4 or IPv6): Type either two IPv4 or two IPv6 addresses in the From and To fields. It is not possible to type an IPv6 address in one field and an IPv4 address in the other field.
      • IP range (for IPv6): Type an IPv6 address prefix and length.
    8. Click Save.

    Firewall Exceptions

    Click the image to enlarge.

  7. To edit an exception, click Edit and then modify the settings in the screen that displays.
  8. To move an exception up or down the list, select the exception and then click Move Up or Move Down until it is in your preferred position.
  9. To remove an exception, select the exception and then click Remove.

  1. Go to the Configure Policy screen by performing one of the following:
    • Classic Mode: Go to SECURITY AGENTS and select a group. Click the vertical ellipsis button > Configure Policy.

      Configure Policy

      Click the image to enlarge.

    • Advanced Mode: Go to POLICIES > Policy Management. Click Add or click an existing policy.
  2. Click the Windows icon.

    Windows icon

  3. Go to Firewall.
  4. Select Advanced Mode.

    Advanced Mode

    Click the image to enlarge.

  5. Go to the Exception List section.

    Exceptions

    Click the image to enlarge.

  6. To add an exception:
    1. Click Add.
    2. Type the name for the exception.
    3. Select the action to take on network traffics that meet the exception criteria.
    4. Select the traffic direction to apply the exception settings.
    5. Select the type of network protocol to apply the exception settings.
    6. Specify the endpoint ports to take the action.
    7. Specify the endpoint IP addresses to include in the exception.
      For example, if you choose to deny all inbound and outbound network traffic and specify the IP address for a single endpoint on the network, then any endpoint that applies this exception setting cannot send or receive data to or from that IP address.
      • All IP addresses
      • Single IP: Type an IPv4 or IPv6 address.
      • IP range: Type an IPv4 or IPv6 address range.
    8. Click OK.

    Firewall Exceptions

    Click the image to enlarge.

  7. To view or edit an exception, click a name in the exception list.
  8. To reorder the exception list, drag an exception to a different row.
  9. To delete an exception, point to the exception and click the Trash bin icon in the last column of the list.
Keywords: add entries to WFBS firewall exception,modify the firewall exceptions,change the firewall exceptions