G DATA Security Client for Windows - Firewall

The Firewall module is available as part of the Client Security Business, Endpoint Protection Business and Managed Endpoint Security solutions.

The Firewall option loads the firewall's interface. As long as the client is in the G DATA ManagementServer network, the firewall will be administered centrally by the server. When the client connects to another network, for example if a laptop is using a private network at home, the firewall interface can be used to set up an off-site configuration.

The Firewall system tray menu option can be enabled or disabled in G DATA Administrator under Firewall > Overview > Run outside internal network by checking Allow user to change the off-site configuration.

G DATA Security Client Firewall - Status

The Status module of the firewall shows information about the current status of the firewall. By double-clicking any of the entries, you can carry out actions directly or switch to the respective program area.

  • Security: Enable or disable the firewall. This option is only available if it has been enabled in G DATA Administrator (Firewall > Overview > Run in internal network > Allow user to enable/disable the firewall).
  • Mode: The firewall can be operated in automatic (autopilot) mode or in manual (rule sets) mode. Changing this option client-side is only possible if the client is being used outside the ManagementServer network and if it has been enabled in G DATA Administrator (Firewall > Overview > Run outside internal network > Allow user to change the off-site configuration).
  • Networks: Open the Networks panel, which shows the networks that your computer is connected to as well as the rule sets that are used.
  • Prevented attacks: When the firewall registers an attack on your computer, it is prevented and logged here.
  • Application radar: Show which programs are currently being blocked by the firewall. If you want to allow one of the blocked applications to use the network, select it and then click the Allow button.

G DATA Security Client Firewall - Networks

The Networks module lists all networks to which your computer is connected, as well as which rule set is protecting the respective network. Select a network and click Edit to view details and to configure the settings for this network. Network settings can only be edited if that has been specifically allowed (Firewall > Overview > Run in internal network > Allow user to enable/disable the firewall) or if the device is being used in off-site mode (Firewall > Overview > Run outside internal network > Allow user to change the off-site configuration).

  • Network info: Shows information about the network, including IP address, subnet mask, default gateway, DNS and WINS server.
  • Firewall enabled on this network: Enable or disable firewall protection.
  • Internet connection sharing: Allow Internet Connection Sharing (ICS).
  • Enable automatic configuration (DHCP): Allow DHCP configuration.
  • Rule set: Choose any of the defined Rule sets to be applied to this connection. Click Edit rule set to open the Rule Wizard.

G DATA Security Client Firewall - Rule sets

In the Rule sets module you can create and edit rule sets (groups of firewall rules that can be applied to networks).

  • New: Create a new rule set. In the following dialog, enter a Rule set name and decide if the rule set should be pre-populated with rules from the default rule sets for untrusted, trusted or blocked networks.
  • Delete: Delete the selected rule set. The default rule sets cannot be deleted.
  • Edit: Edit the selected rule set using the Rule Wizard.

The Rule sets module contains default rule sets for the following network types:

  • Direct Internet connection: This covers rules that involve direct Internet access.
  • Untrusted networks: This generally covers open networks with Internet access.
  • Trusted networks: Home and company networks are generally trusted.
  • Blocked networks: This rule set can be used if access to a specific network should be blocked.

G DATA Security Client Firewall - Rule Wizard

The Rule Wizard allows you to define new rules for the selected rule set or to modify existing rules. The Rule Wizard is especially suitable for users unfamiliar with firewall technology. For granular control over individual rules, use the Advanced Rule Set Editor.

The Rule Wizard offers various rules. All of them can be used to quickly allow or deny a specific type of traffic. For most rules, a specific Direction can be defined, which governs whether the program is to be blocked for inbound connections, outbound connections or both.

  • Share or block applications: Select a specific application on the hard disk to explicitly permit or deny it access to the network governed by the rule set.
  • Share or block network services: Blocking one or more ports is a quick way of eliminating vulnerabilities that could be used for attacks by hackers. The wizard provides the option of blocking ports completely or for a particular application only.
  • File/printer sharing: Allow or block file and printer sharing.
  • Share or block domain services: Allow or block network domain services.
  • Shared use of the Internet connection: Allow or block Internet connection sharing (ICS).
  • Share or block VPN services: Allow or block Virtual Private Network (VPN) services.
  • Advanced Rule Set Editor (expert mode): Open the Advanced Rule Set Editor.

G DATA Security Client Firewall - Advanced Rule Set Editor

The Advanced Rule Set Editor allows for the creation of highly specific rules. It can be used to create all of the rules that are also available through the Rule Wizard, but also supports custom settings.

The Advanced Rule Set Editor window resembles the Rule sets pane of G DATA Administrator's Firewall module. It can be used to create, edit, delete, and rank rules within the rule set. In addition to the options available in G DATA Administrator, the Advanced Rule Set Editor offers the following options:

  • Action if no rule applies: Specify what happens when no existing rule applies to a filtered communication type: Allow, Deny or Ask user.
  • Adaptive mode: The adaptive mode supports applications that use feedback channel technology (e.g. FTP and numerous online games). These applications connect to a remote computer and negotiate a feedback channel with it, which the remote computer then uses to reverse connect to the application. If the adaptive mode is enabled, the firewall detects this feedback channel and permits it without querying it separately.
  • Reset: Delete all rule set modifications as well as all auto-learned rules.

By double-clicking a rule or clicking the Edit button, individual rules can be edited. The individual rule editor corresponds to the Edit rule window in G DATA Administrator.
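
The feedback-channel detection described under Adaptive mode, modelled here for active-mode FTP as an added example. This is not G DATA's implementation: the class name, the 30-second lifetime, the one-shot policy and the sample addresses are assumptions made for illustration.

```python
import re
import time

# Active-mode FTP announces its feedback channel on the control connection:
# "PORT h1,h2,h3,h4,p1,p2" asks the server to connect back to h1.h2.h3.h4:(p1*256+p2).
PORT_RE = re.compile(rb"^PORT (\d{1,3})" + rb",(\d{1,3})" * 5 + rb"\r?\n?$")


class AdaptiveTracker:
    """Hypothetical model of adaptive mode: remembers negotiated feedback channels."""

    def __init__(self, default_action="deny", ttl=30.0):
        self.default_action = default_action  # stands in for "Action if no rule applies"
        self.ttl = ttl                        # assumed lifetime of an expectation (seconds)
        self.expected = {}                    # (remote_ip, local_port) -> expiry time

    def observe_outbound(self, local_ip, remote_ip, line, now=None):
        """Inspect one outbound control-channel line; return the announced port or None."""
        now = time.monotonic() if now is None else now
        m = PORT_RE.match(line)
        if not m:
            return None
        nums = [int(x) for x in m.groups()]
        if any(n > 255 for n in nums):
            return None
        announced_ip = ".".join(str(n) for n in nums[:4])
        port = nums[4] * 256 + nums[5]
        # Ignore announcements that name another host or a privileged port, so a
        # crafted PORT line cannot open a path to an arbitrary service.
        if announced_ip != local_ip or port < 1024:
            return None
        self.expected[(remote_ip, port)] = now + self.ttl
        return port

    def decide_inbound(self, remote_ip, local_port, now=None):
        """Allow the negotiated reverse connection once; otherwise use the default action."""
        now = time.monotonic() if now is None else now
        expiry = self.expected.pop((remote_ip, local_port), None)
        if expiry is not None and now <= expiry:
            return "allow"
        return self.default_action


if __name__ == "__main__":
    fw = AdaptiveTracker()
    # Constructed sample traffic using documentation address ranges.
    print(fw.observe_outbound("192.0.2.10", "198.51.100.5", b"PORT 192,0,2,10,195,80\r\n"))
    print(fw.decide_inbound("198.51.100.5", 50000))  # negotiated channel
    print(fw.decide_inbound("198.51.100.5", 50000))  # second attempt on the same port
```

The expectation is bound to the remote host of the control connection and consumed on first use, which keeps the automatically opened port from becoming a standing inbound rule.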

G DATA Security Client Firewall - Log

The Log module shows a detailed overview of all incoming and outgoing connections. It can be used to check the connection protocol, initiating application, direction, local port, remote host, remote port and reason for the decision about allowing or blocking the connection.

Click Delete to delete the selected log entry or Delete all to clear the log file completely. The Details button shows additional information about the selected log entry.

Right-click any log entry to access context-sensitive options.

In addition to the Details view, these options include creating a new rule based on the log entry, editing the rule that led to the connection being blocked or allowed, and setting a filter view for the Log module.

G DATA Security Client Firewall - Settings

The Settings window can be used if the appropriate permissions have been enabled in G DATA Administrator (Firewall > Overview > Run in internal network > Allow user to enable/disable the firewall and Firewall > Overview > Run outside internal network > Allow user to change the off-site configuration).

  • Security: Enable or disable the firewall.
  • Mode: The firewall can be operated in automatic (autopilot) mode or in manual (rule sets) mode.