mayowa 1 Posted July 31, 2019 Share Posted July 31, 2019 Dear All, We have ESET firewall feature found to have block an application in an organisation,even after creating exclusion for the application file path,process,port and IP from the ESMC Pees_logs.zipees_logs.ziplease kindly advise on a work around as we dont want to turn off firewall due to malware constantly trying to infiltrate the organisation endpoints For your perusal please find the link below and attached document for ESET Log Collector log https://we.tl/t-jy2cL2Ksbq Link to comment Share on other sites More sharing options...
Administrators Marcos 5,407 Posted July 31, 2019 Administrators Share Posted July 31, 2019 There are "Failed to create rule" errors logged in the firewall log. It appears that automatic firewall mode is enforced by a policy. In automatic mode (default) without any custom rules all outgoing communication is allowed and only non-initiated incoming communication is blocked. I see that you have 3 permissive rules created so these should not block any communication. Did you set the policy to replace the existing ones on clients or to be appended to the existing ones? Did you intentionally remove pre-defined fw rules from the policy? Please enable advanced network protection logging under Tools -> Diagnostics, reproduce an issue with blocked communication and provide fresh ELC logs. Link to comment Share on other sites More sharing options...
Recommended Posts