Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Enabling or Disabling the firewall feature of Apex One

    • Updated:
    • 28 Sep 2021
    • Product/Version:
    • Apex One 2019
    • Platform:
Summary

During the Apex One server installation, you are prompted to enable or disable the Apex One firewall.

This article shows you the steps to turn on/off the firewall feature on Apex One agents for the following scenarios:

  • If you enabled the firewall during installation and noticed an impact on performance, especially on Windows Server platforms, consider disabling the firewall.
  • If you disabled the firewall during installation but now want to protect the agent from intrusions, then you may consider enabling the firewall.

This article can also be used as reference to create and customize policies, then apply them on all or selected agent profiles.

Details
Public

You can use the following methods to enable or disable the firewall on all or selected Security Agent endpoints.

To configure the Apex One Firewall service on all Security Agents using Global Agent Settings, do the following:
  1. Login to the Apex One Admin Console, and go to Agents > Global Agent Settings.
  2. On the Security Settings tab, go to the Firewall Settings section and change the settings to the preffered ones:
    For example:

    Firewall Settings Sample

  3. On the System tab, go to the Certified Safe Software Settings section and select Enable the Certified Safe Software Service for Behavior Monitoring, Firewall, and antivirus scans.
  4. Click Save.

Configure the Apex One Firewall service on selected Security Agents using Additional Service Settings.

  1. Login to Apex One Administrator Console, and go to Agents > Agent Management.
  2. Select the endpoint or domain group of the clients to configure.

    Additional Service Settings

    Click the image to enlarge.

  3. Click Settings > Additional Service Settings.
  4. Enable Windows desktop or server.

    Firewall Service

    Click the image to enlarge.

  5. Click Save.
 
Disabling the firewall service automatically disables all firewall policies on the selected agents.
 

To create a new policy and apply it to Security Agents, do the following:

  1. Login to the Apex One Administrator Console, and go to Agents > Firewall > Policies.
  2. To add a new policy, click Add.

    Firewall Settings

    Click the image to enlarge.

  3. Type a name for the policy.
  4. Select a security level.

    Security Level

  5. Select the firewall features to use for the policy.

    Firewall Features

  6. Enable the local or global Certified Safe Software List.

    Certified Secure Software List

    Click the image to enlarge.

     
    Ensure that the Unauthorized Change Prevention Service and Certified Safe Software Services have been enabled before enabling this service.
     
  7. Under Exception, select the firewall policy exceptions. You can modify an existing policy exception or create a new one.
  8. Click Save.

For more information, refer to Firewall Policies.

  1. Login to Apex One Administrator Console, then
  2. Go to Agents > Firewall > Profiles, then click Add.

    Firewall Profile

    Click the image to enlarge.

  3. Click Enable this profile to allow Apex One to deploy the profile to Security Agents.
  4. Type a name to identify the profile and an optional description.
  5. Select a policy for this profile.
  6. Specify the agent endpoints to which Apex One applies the policy. Select endpoints based on the following criteria.

    Criteria

    Click the image to enlarge.

  7. Select whether to grant users the privilege to change the firewall security level or edit a configurable list of exceptions to allow specified types of traffic.

    User Privileges

  8. Click Save.

For more information, you check Adding and Editing a Firewall Profile.

Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000289091
Feedback
Did this article help you?

Thank you for your feedback!


*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.