Experts Exchange > Topics > Software Firewalls
Software Firewalls
19K
Solutions
20K
Contributors
Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.
Related Topics
Share tech news, updates, or what's on your mind.
Sign up to Post
Load Recent Content
Hi,
I need to:
-connect to a server via powershell (execute invoke commands and enter pssessions)
-execute sql queries to another server
Both work on one w10 pc, not on another.
Which ports on the firewall I need to open
-for Powershell
-for sql queries?
Please advise
J
I need to:
-connect to a server via powershell (execute invoke commands and enter pssessions)
-execute sql queries to another server
Both work on one w10 pc, not on another.
Which ports on the firewall I need to open
-for Powershell
-for sql queries?
Please advise
J
Hi I'm trying to get Quickbooks Enterprise running on A Server 2019, but the database server manager reports error with the Windows firewall. I have added the ports to the allow list in the firewall, but It is still being blocked.
I opened 8019, 56728, 55378-55382 but no go, I also ran file doctor that usually finds the problem but it didn't find anything.
Thanks all.
I opened 8019, 56728, 55378-55382 but no go, I also ran file doctor that usually finds the problem but it didn't find anything.
Thanks all.
Dear Experts,
I am planning to buy Raspberry Pi and turn it into a home firewall. Do you think this is a good idea esp that I would like to also create a captive portal for wifi access and monitor network traffic .etc
If this works what kind do you recommend ? and what are the exact specs that I need?
Thank you
I am planning to buy Raspberry Pi and turn it into a home firewall. Do you think this is a good idea esp that I would like to also create a captive portal for wifi access and monitor network traffic .etc
If this works what kind do you recommend ? and what are the exact specs that I need?
Thank you
I have been contacted by our wells fargo bank rep and they told us a URL has changed and we are to add it to our firewall rules for continued access. I have a SonicWall applianace, so the first question I have is where can I find the model number? The interface recently changed and I used to be able to find it quickly. Second question, how to I add this url to the firewall so it does not get blocked?
Our network team raised concern that with the number of IP addresses to block
(currently we create a group & add in IP addresses) coming from cyber regulator,
it may hog/slow down our CheckPoint 12600.
Q1:
What's the rule of thumb for max number of rules for 12600? We estimated the
number of IP to block to reach 5000 per year.
Q2:
There's currently 1 rule ie "Deny Threat_intel_list All for all ports/protocol":
So with only 1 rule but adding IP to the "Threat_intel_list" cause slowness or
by adding the # of IP to the list will increase the latency (make it slower) as well?
Q3: *** this question is crucial ***
We plan to break down that single rule to multiple rules ie 1 rule for 1 IP from
Threat Intel to block so that we can assess if there are hits & subsequently
assess whether to remove rules that don't have hits after, say 6 months so
as to reduce the # of rules & load to the firewall: is this a good practice in
terms of making the firewall faster? In terms of cybersecurity, was advised
by one vendor this is a safe practice as IOCs that are 'dormant' ought to be
removed, just like AV vendors removed signatures for viruses that have not
been seen in the wild for quite a while to reduce the size/length of the AV
signature file/DB.
Q4:
To do firewall rules review (ie remove rules, permit or block rules: permit as
it means the endpoint device may have been decomm'ed & block if the IOC
is not active), reckon we review if there are hits. Heard …
(currently we create a group & add in IP addresses) coming from cyber regulator,
it may hog/slow down our CheckPoint 12600.
Q1:
What's the rule of thumb for max number of rules for 12600? We estimated the
number of IP to block to reach 5000 per year.
Q2:
There's currently 1 rule ie "Deny Threat_intel_list All for all ports/protocol":
So with only 1 rule but adding IP to the "Threat_intel_list" cause slowness or
by adding the # of IP to the list will increase the latency (make it slower) as well?
Q3: *** this question is crucial ***
We plan to break down that single rule to multiple rules ie 1 rule for 1 IP from
Threat Intel to block so that we can assess if there are hits & subsequently
assess whether to remove rules that don't have hits after, say 6 months so
as to reduce the # of rules & load to the firewall: is this a good practice in
terms of making the firewall faster? In terms of cybersecurity, was advised
by one vendor this is a safe practice as IOCs that are 'dormant' ought to be
removed, just like AV vendors removed signatures for viruses that have not
been seen in the wild for quite a while to reduce the size/length of the AV
signature file/DB.
Q4:
To do firewall rules review (ie remove rules, permit or block rules: permit as
it means the endpoint device may have been decomm'ed & block if the IOC
is not active), reckon we review if there are hits. Heard …
Please see the attached (pardon my scratch!) pdf document of what I'm looking to do. The main reason for my decision to use PFSense is because my Meraki gear maxes out on the WAN side at 250Mbps. I now have a 1GB up/down and a 100/100 secondary circuit. I know that if I use gb cards on a pfsense system, I should get awfully close to 900 Mbps. Very new to pfsense, so the more help the better. :)IMG_0001.pdf
HI Experts,
I am having difficulty pushing out refreshed Group policies from Windows Server 2016 to Windows 10 clients.
They are all failing with "The remote procedure call was cancelled."
I have had some success turning off the firewall on one machine and then it successfully pushed it out, but obviously I don't want to turn off windows firewall.
I tried adding an inbound and outbound rule on the firewall on port 135 for TCP but this doesn't work.
Can anyone please help advising what firewall ports need to be open on the client PC for the group policy to get pushed out successfully.
Many thanks in advance.
I am having difficulty pushing out refreshed Group policies from Windows Server 2016 to Windows 10 clients.
They are all failing with "The remote procedure call was cancelled."
I have had some success turning off the firewall on one machine and then it successfully pushed it out, but obviously I don't want to turn off windows firewall.
I tried adding an inbound and outbound rule on the firewall on port 135 for TCP but this doesn't work.
Can anyone please help advising what firewall ports need to be open on the client PC for the group policy to get pushed out successfully.
Many thanks in advance.
Hi Experts
Could you point a way to check if a port is released at Win 10 firewall?
I followed the steps to release the port 7890 at win10 but after all I don't know if the operation was successful.
Maybe not since it looks blocked.
Thanks in advance.
Could you point a way to check if a port is released at Win 10 firewall?
I followed the steps to release the port 7890 at win10 but after all I don't know if the operation was successful.
Maybe not since it looks blocked.
Thanks in advance.
Hi,
I have question. Can we manage Firepower 4110 without using FMC (Firepower management center) or I will need to buy one?
Which appliance or virtual FMC I need to buy? and is there any free license or no?
Thanks in advance
I have question. Can we manage Firepower 4110 without using FMC (Firepower management center) or I will need to buy one?
Which appliance or virtual FMC I need to buy? and is there any free license or no?
Thanks in advance
Hi,
Port 25 is open but I've got the following. Any advice?
Port 25 is open but I've got the following. Any advice?
C:\Users\Administrator>telnet localhost 25
Connecting To localhost...Could not open connection to the host, on port 25: Connect failed
Hello,
Please do you have a method via GPO or key registry to allow the message (attached).
Thx for your help.
C--teams.PNG
Please do you have a method via GPO or key registry to allow the message (attached).
Thx for your help.
C--teams.PNG
Microsoft Products not signing into the new network.
Hello all, we implemented a new network, that is behind a firewall.
when I image a machine newly, I try to open outlook , it fails to connect, I tries onedrive, same thing. word and excel can't activate.
I connect to a different wifi (without the firewall and corporate connectivity) they all work fine. I activate and authnitcate and configure all products fine.
I switch back to corporate, they continue to work fine, for hours, or days. and suddenly the error happens again.
I have to switch to unprotected wifi, open the applications (or at least one of them) and get back to corporate network, where all will work fine again for a while.
I am thinking of the following scnarios:
1- it could be one of the many firewall rules missing on the firewall. that is used to authenticate or check the license of MS products.
2- expected it could be outdated drivers of WLAN, I updated those, but problem continued.
any ideas where should I start looking?
Hello all, we implemented a new network, that is behind a firewall.
when I image a machine newly, I try to open outlook , it fails to connect, I tries onedrive, same thing. word and excel can't activate.
I connect to a different wifi (without the firewall and corporate connectivity) they all work fine. I activate and authnitcate and configure all products fine.
I switch back to corporate, they continue to work fine, for hours, or days. and suddenly the error happens again.
I have to switch to unprotected wifi, open the applications (or at least one of them) and get back to corporate network, where all will work fine again for a while.
I am thinking of the following scnarios:
1- it could be one of the many firewall rules missing on the firewall. that is used to authenticate or check the license of MS products.
2- expected it could be outdated drivers of WLAN, I updated those, but problem continued.
any ideas where should I start looking?
A client of mine has this issue when attempting to open up QB on the work station, QB Sees the file on the server but then pops up a message saying that it cannot communicate with it. I have uploaded a picture of the error. I tried to find the connection diagnostic tool that it is talking about, but it seems to be hidden. The instructions always says to download it from the "OEM" website, where ever that is. I couldn't seem to find it.
But for some reason QB sees the files on the server, but cannot access them. a little help would be appreciated.
20191007_125944.jpg
But for some reason QB sees the files on the server, but cannot access them. a little help would be appreciated.
20191007_125944.jpg
Hello!
I've got Ubuntu 16.04 and OpenVPN installed and seems to be working fine. But when I check firewall rules using "sudo ufw status", then I see this:
I've got Ubuntu 16.04 and OpenVPN installed and seems to be working fine. But when I check firewall rules using "sudo ufw status", then I see this:
Status: active
To Action From
-- ------ ----
80 ALLOW Anywhere
443 ALLOW Anywhere
53 ALLOW Anywhere
465 ALLOW Anywhere
25 ALLOW Anywhere
110 ALLOW Anywhere
995 ALLOW Anywhere
143 ALLOW Anywhere
993 ALLOW Anywhere
10025 ALLOW Anywhere
10024 ALLOW Anywhere
80 (v6) ALLOW Anywhere (v6)
443 (v6) ALLOW Anywhere (v6)
53 (v6) ALLOW Anywhere (v6)
465 (v6) ALLOW Anywhere (v6)
25 (v6) ALLOW Anywhere (v6)
110 (v6) ALLOW Anywhere (v6)
995 (v6) ALLOW Anywhere (v6)
143 (v6) ALLOW
Hello,
I have MikroTik 1036 and I configure hotspot on it.
MikroTik gateway is pfsense with squid proxy http and https
now I can check the ip logging on access.log on squid without any problem but I want to make the log related to user who is authenticated on MikroTik hotspot.
how I can do it ?
should I use radius server ?
thanks.
I have MikroTik 1036 and I configure hotspot on it.
MikroTik gateway is pfsense with squid proxy http and https
now I can check the ip logging on access.log on squid without any problem but I want to make the log related to user who is authenticated on MikroTik hotspot.
how I can do it ?
should I use radius server ?
thanks.
I would like to know if someone knows a firewall that I can set an authentication page before hitting the target page, let's say that I have my server idrac page available on a public IP, I would like to know if there is a way to have the firewall to authenticate access first and then forward the request to the dell idrac web server in order to add an additional layer of protection.
Hello Experts,
I am looking for a solution to meter Internet usage and bandwidth by user on a LAN.
In other words I would like to have the ability for a user on the LAN to (based on that user's account information):
1. Restrict bandwidth based on user settings.
2. Restrict total usage (time) using the internet based on user settings.
3. Be able to reset usage etc. based on user settings.
4. Logs/reports showing All User statistics while on the Internet.
Does anyone know how to do this?
Thanks!
I am looking for a solution to meter Internet usage and bandwidth by user on a LAN.
In other words I would like to have the ability for a user on the LAN to (based on that user's account information):
1. Restrict bandwidth based on user settings.
2. Restrict total usage (time) using the internet based on user settings.
3. Be able to reset usage etc. based on user settings.
4. Logs/reports showing All User statistics while on the Internet.
Does anyone know how to do this?
Thanks!
I've been finding Windows 10 Firewall rule sets on some computers that look strange. I have the need for:
- comparing rules for a "new" computer with a "golden standard".
- comparing a "golden standard" with the Default rules.
- bringing a "new" computer that deviates from the golden standard into the "same" configuration.
etc.
One problem that I can foresee is that the "new" computer may have application installs that changed the firewall rules and I probably don't want to destroy those settings.
This argues that this is *no* golden standard set of rules.
Now, I can conjure up ways of doing this from scratch but wonder if someone knows of or has a process or some tool that has already dealt with issues like this?
No point in reinventing the wheel, eh?
I searched the web but seemed to only find firewall control sorts of programs - as distinct from firewall analysis and management at the text level.
I've thought about a process like this:
1) Set a "new" computer's firewall to Default
2) Run a script to add a standard set of rules or to modify the Default rules.
The first step is easy.
Coming up with the second step may be harder than simply looking at differences.....
The only case in point that I can describe - and maybe this is the only thing I need to look at - all of the File and Printer Sharing rules for Profile:Domain were missing and need to be restored.
I think being able to do only this would be useful and I've done it by …
- comparing rules for a "new" computer with a "golden standard".
- comparing a "golden standard" with the Default rules.
- bringing a "new" computer that deviates from the golden standard into the "same" configuration.
etc.
One problem that I can foresee is that the "new" computer may have application installs that changed the firewall rules and I probably don't want to destroy those settings.
This argues that this is *no* golden standard set of rules.
Now, I can conjure up ways of doing this from scratch but wonder if someone knows of or has a process or some tool that has already dealt with issues like this?
No point in reinventing the wheel, eh?
I searched the web but seemed to only find firewall control sorts of programs - as distinct from firewall analysis and management at the text level.
I've thought about a process like this:
1) Set a "new" computer's firewall to Default
2) Run a script to add a standard set of rules or to modify the Default rules.
The first step is easy.
Coming up with the second step may be harder than simply looking at differences.....
The only case in point that I can describe - and maybe this is the only thing I need to look at - all of the File and Printer Sharing rules for Profile:Domain were missing and need to be restored.
I think being able to do only this would be useful and I've done it by …
Hello,
I have industrial machine needs to connect to an Access Point in order to download data through a software designed by the manufacturer, I am thinking instead of getting Physical Access Point "especially the machine is working in a sever application" to use Virtual Access point on the LAPTOP, tried ICS "Mobile Hotspot" but this is not helpful because I need the machine to use 192.168.0.1 / 255.255.0.0
Is there any Free Virtual Access Point can be download works with Windows instead of using ICS instead of physical AP? or is there a way in Windows 10 to change IP address and subnet Mask for the clients ?
Thank You
I have industrial machine needs to connect to an Access Point in order to download data through a software designed by the manufacturer, I am thinking instead of getting Physical Access Point "especially the machine is working in a sever application" to use Virtual Access point on the LAPTOP, tried ICS "Mobile Hotspot" but this is not helpful because I need the machine to use 192.168.0.1 / 255.255.0.0
Is there any Free Virtual Access Point can be download works with Windows instead of using ICS instead of physical AP? or is there a way in Windows 10 to change IP address and subnet Mask for the clients ?
Thank You
Hi EE,
I am in the process locking down the connectivity of a Windows Server via the Windows Firewall. I have my inbound rules setup by in large, my question is how do I restrict the VPN / Remote Desktop Services on server only to allow connections from specific IP ranges.
Attached is snapshot of my current firewall configuration.
Using windows server 2016.
Any assistance is welcome.
Thank you.
RemoteAdmin.png
I am in the process locking down the connectivity of a Windows Server via the Windows Firewall. I have my inbound rules setup by in large, my question is how do I restrict the VPN / Remote Desktop Services on server only to allow connections from specific IP ranges.
Attached is snapshot of my current firewall configuration.
Using windows server 2016.
Any assistance is welcome.
Thank you.
RemoteAdmin.png
Is there any possibility / way to configure Win7 firewall (on users' PCs)
such that it blocks users' access to Internet (namely Tcp80 & 443)
unless the user's VPN is connected or the user is connected to
our corporate LAN/Wifi? Ie when user is at home or connects to
outside Wifi, the firewall rules will block the access (& only a single
firewall rule that permits connection to our corporate VPN appliance).
such that it blocks users' access to Internet (namely Tcp80 & 443)
unless the user's VPN is connected or the user is connected to
our corporate LAN/Wifi? Ie when user is at home or connects to
outside Wifi, the firewall rules will block the access (& only a single
firewall rule that permits connection to our corporate VPN appliance).
Officially my SonicWall Global Anti-Virus service blocks Macros VBA 5 and above. I wanted to know if everyone here feels if this is sufficient protection from documents that have malicious macros or is it better to enable a GPO to disable Macros from the internet?
Hi,
I am using FortiGate 100E firewall and firmware version is v5.4.4,build7650. I have registered IPS & Application Control service. Please refer to my attached JPG.
My question are:
1. How to know if I enable the IPS ? If I have not enable the IPS, how to enable the IPS?
2. How to enable Anti-spam service on this firewall?
3. What is sandbox service on firewall? I have enabled anti-virus function, but some people suggest me to enable sandbox function on firewall.
Best Regards,
Tom
FortiGate.jpg
I am using FortiGate 100E firewall and firmware version is v5.4.4,build7650. I have registered IPS & Application Control service. Please refer to my attached JPG.
My question are:
1. How to know if I enable the IPS ? If I have not enable the IPS, how to enable the IPS?
2. How to enable Anti-spam service on this firewall?
3. What is sandbox service on firewall? I have enabled anti-virus function, but some people suggest me to enable sandbox function on firewall.
Best Regards,
Tom
FortiGate.jpg
In Azure I am creating a storage account, but need it to be accessible from our vNet's only. During the Storage Account setup you can specify a vNet. The problem is we have two separate vNets in two different regions that needs access to this account. Instead of using vNet can we create a NSG for our Storage Account?
Dear Experts
We are replacing firewall to cisco ASA and planning to go for cisco AMP for endpoints, would like to understand if we go for AMP do we still need antivirus solution please suggest, thanks.
We are replacing firewall to cisco ASA and planning to go for cisco AMP for endpoints, would like to understand if we go for AMP do we still need antivirus solution please suggest, thanks.
Software Firewalls
19K
Solutions
20K
Contributors
Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.
Related Topics
Top Experts In
Software Firewalls
-
1
arnold3,050 pointsLVL 88 -
2
Predrag Jovic100 pointsLVL 36 -
3
amatson7826 pointsLVL 8
-
4
Shaun Rieman5 pointsLVL 6 -
5
symmcom4 pointsLVL 3 -
6
Kiefer Dunham4 pointsLVL 1
-
7
James Bunch4 pointsLVL 8 -
8
BMPTS3 pointsLVL 4 -
9
Michael Worsham1 pointsLVL 29
- Company
- About
- Pricing
- Careers
- Contact Us
- Experts
- Certified Professionals
- Apply Now
- Topics
© 1996-2020 Experts Exchange, LLC. All rights reserved. Covered by US Patent.