Announcement: New Knowledge Base

4 June 2020: We are pleased to announce the launch of a new Knowledge Base, Changelogs for Business Security Products, where you can find more details, such as bugfixes or new features, about the most recent releases of our business-related products.

How to manage Firewall settings for "Domain Networks"?

We have the "Domain Networks" in the Windows Firewall disabled. With the installation of the 14.x client, F-Secure has re-enabled that on Windows computers running Windows 7 and 10. How do we selectively disable the "Domain Networks" firewall setting while leaving the rest enabled? I noticed that if I disabled the firewall setting in F-Secure, it disabled all the 3 firewall locations in Windows. 

 

Answers

  • MJ-perCompMJ-perComp Posts: 1,098

    Don't do that, dont try that.
    It is a bad idea and lowering your security signifcantly.

    What is the reason, that you wanted to switch off domain firewall?

    Rethink your firewall usage. F-Secure can switch between different profiles. While I do strongly recommend not to do so you could create an "allow all" profile. Try to use the Office profile first!

    Configure to only use F-Secure firewall (Ingnore all Firewall rules not listed in this profile).

  • I appreciate the concern for our network security but that doesn't really answer my question. Is it not possible to control how F-Secure is manipulating the Windows Firewall settings? 


    When I read the release notes for version 14 of the client and it said that it was eliminating the use of the F-Secure firewall and relying on the Windows firewall, no where did it say that it intended to take control of the Windows firewall settings. Nor did I expect it to hijack the Windows firewall settings and change them from what we had configured. That's bad behavior, if you ask me. Likewise, I didn't expect that by trying to turn off F-Secure's manipulation of the firewall settings that it would turn off all the firewall settings, even those that had been previously enabled. At the least, F-Secure should have made this clear in the release notes. The implementation of this seems to not have been thought through from the customer perspective. 

  • MJ-perCompMJ-perComp Posts: 1,098

    You misunderstand the concept.

     

    If you do not want Windows to add any rules to the firewall you have to disable them in the F-Secure configuration ("Ingnore all Firewall rules not listed in this profile").

    F-Secure firewall rules are independant from Windows so that they can not be tampered with.
    a "Firewall OFF" is realised by a "bypass all" (AFAIK same as windows does it).

    So create a BypassAll-profile and use AutoSelection to switch the profile.
    Clipboard01.gif

    Still I recommend NOT to disable local firewall n neither situation.

This discussion has been closed.