Computer Protection Firewall rules and 0.0.0.0 addresses
During migration of PSB Workstation profiles to Computer Protection, firewall rules using 0.0.0.0/0 were inadvertantly migrated as 0.0.0.0
[Before migration - PSB Workstation Firewall Profile]
- Outbound TCP / UDP Traffic - Allow - Outbound - Remote IP Address: Any remote host (0.0.0.0/0)
[After migration - Computer Protection Firewall Profile]
- Outbound TCP / UDP Traffic - Allow - Outbound - Remote IP Address: 0.0.0.0
With this setting in place, outbound communication can not be performed.
The correct value to use for "Any remote host" in Computer Protection is to change the "0.0.0.0" to an empty value in the Computer Protection firewall rule.
As the use of "Any remote host" can make the system open to the internet depending on the actual rule used, and F-Secure has no knowledge of the customer's intention for the rule, we will not change these rules in a programmatic way. We do not wish to be responsible for making a customer's environment insecure.
Customers are advised to review their own Computer Protection profiles, and make the appropriate changes to rules containing 0.0.0.0 to suit their environment and wishes. The use of "any remote host" in firewall rules should be carefully considered to ensure it is only used where absolutely necessary.
This discussion has been closed.