Jump to content

ESET PROTECT Firewall Rules Question


Go to solution Solved by Marcos,

Recommended Posts

Hello all,

I have a question regarding ESET Firewall settings. We need to block Internet access but allow one IM app to communicate outside to the world. Also the internal communication needs to be allowed.

I created two rules... First of them blocks ports 80 and 443 in both directions, another allows xxx.exe executable file but this is not working at all. A test computers still have full Internet access.

Am I missing anything?

Thank you for your suggestions.

 

Link to comment
Share on other sites

  • Administrators

Did you add ports 80 and 443 on the Remote tab and specified only the path to the executable on the Local tab ?

image.png

image.png

Link to comment
Share on other sites

  • Administrators

You must remove ports 80,443 on the Local tab. Local ports are automatically chosen by Windows.

Link to comment
Share on other sites

  • Administrators
  • Solution

You have installed ESET Endpoint Antivirus (EEA), not ESET Endpoint Security which also contains a firewall. Therefore firewall settings cannot be applied to EEA.

For improved protection from possible attackers disabling ESET, I'd recommend:
- enabling detection of potentially unsafe applications
- locking up real-time and HIPS settings by a policy, especially if settings are not password protected.

Link to comment
Share on other sites

Oh, that's the reason, ok, I will try that again with ESET Endpoint Security.

And this is a test policy so a password is not configured.

Link to comment
Share on other sites

Ok, another problem showed up. I switched from ESET Antivirus to ESET Security but now I cannot use VNC... How to make an exception for this program?

Link to comment
Share on other sites

  • Administrators

You have several options:
1, Manually create an inbound permissive rule for VNC
2, Run the Firewall troubleshooting wizard to unblock the desired communication
3, Switch the firewall to learning mode for a while until the necessary rule is created automatically.

Link to comment
Share on other sites

I already created a rule for this and it works but the firewall troubleshooting wizard sounds interesting... How can I use it?

Anyway, after moving to ESET Security, Internet access is blocked and IM application seems to be working! Thanks.

Link to comment
Share on other sites

  • Administrators

The firewall troubleshooting wizard provides a list of recently blocked communications with an option to unblock the desired ones with a few clicks. The wizard can be accessed only locally, not from the administration console. What you could do is remote to the machine to access it and unblock the desired communication and then request the configuration from the management console which you could then convert to a policy for instance.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...