Issue
- Firewall is blocking an application from running
- Create a Firewall rule to allow applications or connections on devices with ESET Endpoint Security for macOS
Solution
Endpoint users: Perform these steps on individual client workstations
- Click Policies → ESET Endpoint for macOS (V7+). Click the policy you want to modify and click Edit.
  Figure 1-1
- Click Settings → Protections → Network access protection. Expand Firewall and click Edit.
  Figure 1-2
- Click Add.
  Figure 1-3
- Click Add. Type the Name for the rule, configure the required data for the rule you want to create, and click Save. For more information about each section, see the descriptions below:
Action
- Action—Choose whether to Allow or Block the communication that matches the conditions defined in this rule, or have ESET Endpoint Security for macOS Ask every time the communication is established.
- Log rule—If the rule is applied, it will be recorded in Log files.
- Logging severity—Select the severity of the log record for this rule.
- Notify user—Displays a notification when the rule is applied.
OS
Select an Operating System if you want this rule to apply only to a specific one.
Application
Specify an application for which this rule will be applied.
- Application path—Specify the full path to the application (for example, /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app). Do NOT enter the name of the application alone.
- Application signature—You can apply the rule to applications based on their signatures (publisher name). Select from the drop-down menu whether to apply the rule to applications with Any valid signature or to applications Signed by a specific signer. If you select applications Signed by a specific signer, you must define the signer in the Name of signer field.
- App Store application—Select an application installed from the App Store from the drop-down menu.
- Service (Windows Vista and higher)—You can define a Windows system service instead of an application.
- Also apply to child processes—Some applications may run more processes while you see only one application window. Enable this toggle to ensure the rule applies to every process for the specified application.
Direction
Select the Direction of communication to which this rule will apply:
- Both—Inbound and outbound communication.
- In—Inbound communication only.
- Out—Outbound communication only.
Protocol
Select a Protocol from the drop-down menu if you want this rule to apply only to a specific protocol.
Local Host
Local addresses, address range or subnet for which this rule is applied. If no address is specified, the rule will apply to all communication with local hosts. You can add IP addresses, address ranges or subnets directly into the IP text field or select from already existing IP sets by clicking Edit next to IP sets.
Local Port
Local Port number(s). If no numbers are supplied, the rule will apply to any port. You can add a single communication port or a range of communication ports.
Remote Host
Remote address, address range or subnet for which this rule is applied. If no address is specified, the rule applies to all remote host communication. You can add IP addresses, address ranges or subnets directly into the IP text field or select from already existing IP sets by clicking Edit next to IP sets.
Remote Port
Remote Port number(s). If no numbers are supplied, the rule will apply to any port. You can add a single communication port or a range of communication ports.
Profile
A Firewall rule can be applied to specific Network connection profiles.
- Any—The rule will be applied to any network connection, regardless of the profile in use.
- Selected—The rule will be applied to a specific network connection based on the selected profile. Select the check box next to the profiles you want to select.
  Figure 1-4
- Click Save.
  Figure 1-5
- Click Finish to save the policy. The rule you created will be active after the policy is applied to the target computers.
  Figure 1-6
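An empty host or port field makes a rule apply to everything, so it is worth checking how much an Allow rule covers before the policy is applied. The Python sketch below is an added example, not ESET code or the ESET policy format: it models the empty-field behaviour described above and lists what makes an Allow rule broader than needed. The dictionary keys and both sample rules are constructed for illustration.

```python
import ipaddress

def host_matches(specs, addr):
    """Empty list = every host, as the Local/Remote Host fields describe."""
    if not specs:
        return True
    ip = ipaddress.ip_address(addr)
    for spec in specs:
        if "-" in spec:  # address range written as "first-last"
            lo, hi = (ipaddress.ip_address(p.strip()) for p in spec.split("-"))
            if lo.version == ip.version and lo <= ip <= hi:
                return True
        elif ip in ipaddress.ip_network(spec, strict=False):  # single IP or subnet
            return True
    return False

def port_matches(specs, port):
    """Empty list = any port; entries are a port (int) or an inclusive (low, high) range."""
    if not specs:
        return True
    return any(port == s if isinstance(s, int) else s[0] <= port <= s[1] for s in specs)

def rule_matches(rule, conn):
    """True when a connection satisfies every condition set on the rule."""
    return (rule["direction"] in ("Both", conn["direction"])
            and rule.get("protocol") in (None, conn["protocol"])
            and host_matches(rule.get("remote_host", []), conn["remote_ip"])
            and port_matches(rule.get("remote_port", []), conn["remote_port"]))

def scope_warnings(rule):
    """List the ways an Allow rule is broader than it needs to be."""
    if rule["action"] != "Allow":
        return []
    out = []
    if not rule["application_path"].startswith("/"):
        out.append("application path is not a full path")
    if not rule.get("remote_host"):
        out.append("no remote host: applies to all remote hosts")
    if not rule.get("remote_port"):
        out.append("no remote port: applies to any port")
    if rule["direction"] == "Both":
        out.append("direction Both: inbound is allowed as well as outbound")
    return out

# Constructed rules with hypothetical keys; 203.0.113.0/24 is a documentation range.
BROAD = {"action": "Allow", "application_path": "Microsoft Teams", "direction": "Both"}
TIGHT = {"action": "Allow", "direction": "Out", "protocol": "TCP",
         "application_path": "/Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app",
         "remote_host": ["203.0.113.0/24"], "remote_port": [443]}
```

`scope_warnings(BROAD)` returns four findings and `scope_warnings(TIGHT)` returns none; `rule_matches` shows which connections each rule would cover.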