Can the F-Secure PSB Computer Protection profile be used to force control of the Windows Firewall on / off state?

Issue:

Can the Computer Protection profile be used to force the firewall on if the end user has turned it off?

Resolution:

The on/off state of the Windows Firewall can be fully controlled from the PSB portal settings profiles.
To modify the state of the firewall, do as follows:

  1. Log in to the PSB Management Portal
  2. Go to the Profiles page
  3. Click on the profile you want to edit (observe that profiles with the READ ONLY flag cannot be edited)
  4. Select the Firewall page from the options on the left
  5. Under General settings, set the Use Windows Firewall-setting to the desired mode (to prevent anyone from being able to modify the setting locally, click the lock-icon on the extreme right side of the setting, so that the lock is closed)
The Windows Firewall will always follow the setting in Computer Protection. Users with sufficient rights can turn the firewall on or off directly through the firewall settings in Windows, but it will be forced back again in a few seconds time.

Leaving the setting unlocked in the settings profile will allow for local settings to override the value stated in the profile, see the following examples:

Profile setting: firewall ON, setting unlocked
Setting in Computer protection UI: OFF
Result: the Windows Firewall will be forced OFF

Profile setting: firewall ON, setting unlocked
Setting in Computer protection UI: ON
Result: the Windows Firewall will be forced ON

Profile setting: firewall ON, setting locked
Setting in Computer protection UI: Will be forced ON
Result: the Windows Firewall will be forced ON

Article no: 000016070

Pricing & Product Info

For product info and pricing please go to the F-Secure product page

Version history
Revision #:
3 of 3
Last update:
3 weeks ago
Updated by: