The firewall can block or allow certain types of network traffic by creating a barrier between the client and the network. Additionally, the firewall will identify patterns in network packets that may indicate an attack on clients.
Worry-Free Business Security has two options to choose from when configuring the firewall: simple mode and advanced mode. Simple mode enables the firewall with the Trend Micro recommended default settings. Use advanced mode to customize the firewall settings.
Trend Micro recommends uninstalling other software-based firewalls before deploying and enabling the Trend Micro firewall.
Default Firewall Simple Mode Settings
The firewall provides default settings to give you a basis for initiating your client firewall protection strategy. The defaults are meant to include common conditions that may exist on clients, such as the need to access the Internet and download or upload files using FTP.
By default, Worry-Free Business Security disables the firewall on all new groups and Security Agents.
Settings |
Status |
---|---|
Security Level |
Low Inbound and outbound traffic allowed, only network viruses blocked. |
Intrusion Detection System |
Disabled |
Alert Message (send) |
Disabled |
Exception Name |
Action |
Direction |
Protocol |
Port |
---|---|---|---|---|
DNS |
Allow |
Incoming and outgoing |
TCP/UDP |
53 |
NetBIOS |
Allow |
Incoming and outgoing |
TCP/UDP |
137, 138, 139, 445 |
HTTPS |
Allow |
Incoming and outgoing |
TCP |
443 |
HTTP |
Allow |
Incoming and outgoing |
TCP |
80 |
Telnet |
Allow |
Incoming and outgoing |
TCP |
23 |
SMTP |
Allow |
Incoming and outgoing |
TCP |
25 |
FTP |
Allow |
Incoming and outgoing |
TCP |
21 |
POP3 |
Allow |
Incoming and outgoing |
TCP |
110 |
MSA |
Allow |
Incoming and outgoing |
TCP |
16372, 16373 |
LDAP |
Allow |
Incoming and outgoing |
TCP/UDP |
389 |
Location |
Firewall Settings |
---|---|
In Office |
Off |
Out of Office |
Off |
Traffic Filtering
The firewall filters all incoming and outgoing traffic, providing the ability to block certain types of traffic based on the following criteria:
-
Direction (inbound/outbound)
Protocol (TCP/UDP/ICMP/ICMPv6)
-
Destination ports
-
Destination computer
Scanning for Network Viruses
The firewall also examines each packet for network viruses.
Stateful Inspection
The firewall is a stateful inspection firewall; it monitors all connections to the client and remembers all connection states. It can identify specific conditions in any connection, predict what actions should follow, and detect disruptions in a normal connection. Therefore, effective use of the firewall not only involves creating profiles and policies, but also analyzing connections and filtering packets that pass through the firewall.
Common Firewall Driver
The Common Firewall Driver, in conjunction with the user-defined settings of the firewall, blocks ports during an outbreak. The Common Firewall Driver also uses the Network Virus Pattern file to detect network viruses.