Software Firewalls

19K

Solutions

20K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello Experts,

Can someone please take a look at my Task Manager and let me know if its normal for Bitdefender and Google to be taking up so much memory. At the moment, I'm only running one instance of Google and yet it shows 11 instances running.



Any thoughts will be greatly appreciated.
0
The 14th Annual Expert Award Winners
LVL 7
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

We are contemplating whether to use McAfee endpoint security's firewall or Windows firewalls
on our 30+ branches : the branches have some crucial Desktops running database services:
though the branches (ie spoke) connect back to our DC (ie hub), potentially some branches
may have their own broadband (or even just via 4G).

It's a debate between our Windows Desktop & our Firewall admins which one to use.

I know in previous Deep Security, I will have to create numerous 'policies' : one for each
branch though the branches have the same desktops running database services listening
on the same ports and when I upgrade the agents centrally from the EPO, had run into
issues:  modules (eg: Firewall or File Integrity Monitoring) that are not enabled previously
(say for servers), got auto-enabled.

So not sure if McAfee Firewall has similar or any other issues: kindly elaborate
0
Cannot access FTP Server (Win2016Std) from Internal.  (or from outside, when used with WordPress as a client)

FTP Server (10.0.5.15) and IIS on same server behind firewall (TMG 2010). Configured publishing rule to forward External IP (X.X,X,X) to Internal (10.0.5.15)

All firewall rules are configured. Can connect from outside by FTP client (PASV) - no problems! Do not really need to connect from LAN, but

THE PROBLEM IS:

WORPRESS SITE requires FTP Server setup on WEB Server to upload Updates from WEB Site.

When I try to ftp from WordPress it sends internal IP of the WEB Site as a client IP (10.0.5.15) not the Client IP of the Browser machine.
So, TMG does not allow internal to external loopback...

Any solution?
0
blocking webmail on Cisco Umbrella but allowing gmail, office365 links

the problem is i am allowing gmail.com and mail.google.com but when i block the webmail category it also blocks gmail. can idea what other url i need to allow?
0
Hi Guys

I am looking for the experts in the security field that could help me with this one.
What would be the pros and cons when it comes to open source firewalls and commercial firewalls?

IE support / costs etc.

What would be the best to use, that would be compatible with Azure VPN Route base and policy based routing for site to site / remote branch connectivity?
0
Hello Experts
i'm trying to set up WCCP between a Cisco 6500 router  and Bluecoat ASG-S200

This is the WCCP configuration on 6500 side :


access-list 150 permit tcp any any eq www
access-list 150 permit tcp any any eq 443

ip wccp web-cache
ip wccp 90 redirect list 150

int vlan 100
description << Client VLAN >>
ip wccp 150 redirect in

Open in new window



[b]sh ip wccp 90 detail [/b]
        No information is available for the service

Open in new window



Debugging on Cisco 6500

8385566: 20w4d: WCCP-EVNT:D150: Here_I_Am packet from 10.1.150.2: service not active

Open in new window


Thanking in advance
0
Website can't be reach internal network!

I have weird issue came up. we have company website that hosted on Godaddy.com and working. I can access from outside of my network and without our router/firewall. I used my laptop directly plug into ISP modem and can access the website fine.  I can ping by ip address of the site and name of the address.  I can ping www.website.com or website.com just fine.
I can nslookup from internal computer and came up with correct ip address. I cleared the cache on internal DNS server.  I tried turn off firewall (Cisco RV345P).
None of these working. Help!!!
0
ATT access my lan techs want me to add IP address and URLS to my Windows 2012 R2 server.

Suggestions on the correct way to add them. I've added ports and etc but this is the first time to add URLS and IPs.

Ex. xxxxx.accessmylan.com IP 10.xxx.xxx.xxx
0
Been trying to access a 2012 server thru remote desktop but not getting in so wanted to disable the firewall remotely.  Tried to also push vnc install onto server but keeps timing out.
0
Apache Tomcat 8 with IIS and Apache Connectors getting null request.getRemoteUser() when trying to get to a secure application.  I have multiple applications and one in particular keeps throwing this error.  I am logged in already but when I go to this application I get this error.  I have tried the old suggestion of tomcatAuthentication="false" and that is making no difference.  This particular application is old and the newer ones built in Grails are not having issues.  A team mate thinks something in IIS is stripping something out causing this however other applications are working so it would be hard to say it is stripping things out.  This is all running on Windows server 2016.  Https is in use and there is a firewall involved.  Ports have been allowed.  Old applicaiton with the issue is running an old version of Struts.
0
Worried about phishing attacks?
LVL 1
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Why are there no books of videos on Palo Alto Networks firewalls to be found on O'Reilly - Safari?
There are tons of books on Cisco, Juniper, Citrix. But nothing at all on PAN. Is PAN just very restrictive
about who can write about their products? PAN isn't brand new any more. Anyone have insight?
0
attempts are being made to access a DC.  See attached.  How can I determine where these attempts came from?

security
0
Centos 7 running firewalld.

How do I convert this;

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

to a command for firewalld to understand.
0
Hello I’m looking to putting in my first firewall. I’m looking for a good option for a municipality. If someone could help me out with this it would be great like I said this is my first and I don’t have any experience in it at all! Thanks.
0
i have entities like below

&#225;
&#353;
&#237;


how to find corresponding  foreign special character.

Please advise
0
Hello Experts,

I had a basic requirement of having a AD to authenticate users, block a few websites (whatsapp,Facebook and Youtube). The sites had to be available only for HR and Management teams and were to be blocked for everyone else.
This was outsourced to a thirdparty vendor to get this up and running in about 5 days.

However the vendor informed me that the requested setup is complete in about 5 hours.
What he has done are the following
** ubuntu server installed serving as a DC and AD authentication server.
** pfSense firewall installed but this is currently down due to the OS blowing away after power failure.
** certificate that was generated to ensure internet only works when the certificate is installed.

Now the issue is with the websites blocked. All users are currently being blocked from using these sites. Facebook, WhatsApp and other Social media like twitter are a requirement for HR and Management operations.

The setup is incomplete and the vendor is absconding after payment.
Since I am knowledgeable about Linux OS and familiar with CLI, I need to make sure the required setup is up and running.

Kindly point me to the right KBs or Update me on the steps that I need to take to ensure this is completed.
0
Hi expertsAWS opened ports for reference,

   My web application is running on aws ubuntu 16.  I have the following ports open from aws.  
It has the following applications running on ubuntu

uwsgi with nginx -  i  Think it uses port 80
node.js with react - react is rendering on port 9009
webpack with webpack.config.js - which creates js file which will be using port 80
npm run django: runserver 0.0.0.0:8000  uses port 8000
elastic search :9200 uses port 9200
postgresql used port:5432

Please see the opened ports on aws.  screenshot for reference.

With putty I connect to linux ubuntu machine with the following ip address 54.252.92.17

There is docker application which runs inside that linux box uses nginx, postgres, elasticsearch

When I run docker application, and I able to see from browser with http://54.252.92.17/

Where as when I run python manage.py runserver 0.0.0.0:8000 I am not able to see the application.

The site can't be reached 54.252.92.17 refused to connect error.

Whereas I can see the docker application when the docker is run.

Please help me why the python application is not running on the browser, where as Docker application runs well.

With python manage.py runserver 0,0,0,0:8000 I am running from the source code.  Whereas with docker I am running the docker image.

Both are same application.  

Please help me in fixing this issue.

with many thanks,
Bharath AK
0
Need help determining the OUTBOUND Windows firewall rule(s) necessary to allow the following command to be run FROM a Win2016 server. The issue goes away if the Windows firewall is set to "Allow" all OUTBOUND connections.

Get-WmiObject -ComputerName $RemoteComputer -namespace "ROOT\Cimv2" -Class Win32_ComputerSystem

Open in new window


When the outbound firewall is enabled, the result of this command is a "No such interface supported" error, and the firewall log shows "DROP TCP x.x.x.x y.y.y.y 50011 49154 0 - 0 0 0 - - - SEND". The "Windows Management Instrumentation (WMI-Out)" is enabled with it's default settings and being respected, as it's visible in the "Monitoring" rules. I've also pretty much tried all available predefined outbound rules with no success.
0
Hello
Currently we have TMG as web proxy and websense as web filtering
We are going to replace TMG with Bluecoat SG Appliance.

Hence I need to know which design is considered as best in terms of secure and efficiency.

We have 1500 users.

Any help would be appreciated.
0
Protect Your Employees from Wi-Fi Threats
LVL 1
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

Hi I wish to use the SDM or ASDM or CCP software & have been looking at the following 2841 cisco routers as they should be compatible.

I wish to know which one would be the best to purchase ?
0
I have been doing some research into setting up redundant ISPs on the PANs (Palo Alto firewalls), and it seems that if we don't want to run BGP for that site, the best alternative seems to be PBF.  Am I on the right track with that?  Are there other alternatives?
0
Hi Everyone

What is the best practice for gateways. For example we got blacklisted a while ago and public ip is still blacklisted on spam rats. It says about reverse lookup not being setup

the exact message "Does IP Address comply with reverse hostname naming convention". While letting my isp know we were told to liase directly with spamrats which i did but the ip has not been given ok by spamrats. I think that they want us to set reverse DNS on gateway.

1) What is the best practice for gateways?
2) What happens if i give it a name with my domain? nnn.kkk.school.fj.
3) Does it interrupt my traffic?
4) Do i have to change my firewall rules based on the name change?
5) What all do i have to do to get this done?
6) What is the whole purpose of reverse dns on gateway as i was told by my ISP that they only setup if told by a customer to do so?
0
For PAN FW's OS upgrades in HA active/passive mode.  Can anyone point to the process steps?
Does it required to suspend HA first or doing passive first then failover to the active node?  
Please advice or point to the right link.  Planning to upgrade to the latest 8.0.8 release for PA-850 models.
0
I am receiving intermittent issues on a client server. After a while, users cannot access the internet or internal servers. Unfortunately, I am not on site and only have access to the logs as we need to restart the server before I can get there to minimise down time for all users.

Once the server is restarted, all users can access the internet/internal servers/share drives etc.

This has only come up over the couple of months randomly. Previously the DNS servers on the server had another IP which is the virtual server NIC (nic 2) and the TCP/IP V4 DNS had 127.0.0.1. The 169.x.x.x has been removed and the 127.0.0.1 has been changed to 192.168.1.1.

Would really appreciate what else I should be looking at as this has me stumped. Are there any ports on the firewall that need to explicitly be open?

The errors at the times of the issue commencing is Netlogon error 5774 entries. I have copied one below however have slightly changed the DNS record of the internal domain name. The IP Address 192.168.1.1 is the Server 2012 R2 DC. It is the only one on the network.

The dynamic registration of the DNS record 'DomainDnsZones.DOMAINNAME.local. 600 IN A 192.168.1.1' failed on the following DNS server:  

DNS server IP address: 192.168.1.1
Returned Response Code (RCODE): 0
Returned Status Code: 10054  

For computers and users to locate this domain controller, this record must be registered in DNS.  

USER ACTION  
Determine what might have caused this failure, …
0
Ok can someone please explain how to get my VPN IP pool talking to my inside network. Everything works fine using any connect VPN client. Assigns IP address but I can not ping inside subnet and the firewall itself cannot ping the VPN IP pool address .

update: ok now the firewall can ping connected client in the VPN IP Pool address 192.168.10.1 and it can ping the internal (inside) network but the VPN client cannot ping the inside subnet.

My goal here is to be able to launch ASDM to administer the firewall from afar. Any help would be appreciated..
0

Software Firewalls

19K

Solutions

20K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Top Experts In
Software Firewalls
<
Monthly
>