Mac built in firewall

Posted on 2009-04-25
Last Modified: 2013-11-16
Is the mac built in firewall capable of turning on and off depending on network location(10.x.x.x or other address)?

Is it manageable through using ARD. Would there be a lot of overhead using this approach? Would it be better to use netbarrier or DoorStop X Security Suite for this purpose.

I would imaging trying to manage the built in firewall for ~120 macs using this would be a nightmare, does anyone have any experiences with this?
Question by:LouisSanchez
    LVL 3

    Accepted Solution

    Good question. None of these solutions is going to be a "simple" process for 120 machines.  All of them are designed to be a single machine - single policy.  No good way to centralize all of the policy.  The heart of the standard mac firewall is just the linux based firewall.  I am betting there is an app or way with scripts to publish out changes to them.  The issue is you likely need to open up the security on a mac to allow this to happen.

    Author Comment

    I thought  netbarrier or DoorStop X provided centralization and the ability to have different firewall settings dependant on where you are connected.
    LVL 5

    Assisted Solution

    As far as I know the Firewall settings are not effected by the computers location setting or by the received IP address, so that will have to be changed manually depending on the location. I cannot confirm if ARD has the ability to enable the firewall, but it does say this on the Apple website  "Apple Remote Desktop 3 also gives you the power to execute UNIX shell scripts or commands on your remote client systems.". So you should be able to turn it off by running a script on all the computers you require.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Deploystudio is a system which can be used to deploy OSX clients and servers within the small/medium or large business environments. The system is built onto of the OSX Server NetBoot system and uses images & workflows as its core assets. While work…
    This is a short article about OS X KeRanger, and what people can do to get rid of it.
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now