SonicWALL 4.5 Frozen Dessert Maker User Manual


 
121
Enforced Client Product Guide Using the Firewall Protection Service
Configuring policies for firewall protection
5
2 A list of safe applications that SonicWALL maintains on the www.hackerwatch.org website.
By default, the firewall protection service allows applications that appear on this list. If the
administrator does not want the firewall protection service to consult this list, he can
configure a policy option (see
Specify whether to use SonicWALL recommendations).
3 A computer-specific list of allowed Internet applications created by user responses to
detection prompts. Users are prompted for a response to application detections when their
policy is configured for
Prompt mode (see Select a firewall protection mode on page 115).
Specify Internet applications in a policy
When you authorize Internet applications in a policy, the firewall protection service allows the
applications to connect to the Internet whenever they run on computers using the policy.
Note
To configure allowed Internet applications in a policy:
1 On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy).
2 Click the Desktop Firewall tab.
3 Under Allowed Internet Applications, select the type of application (a detected application or a
user-approved application).
4 Select an application, then click Save.
The selected application is added to the list of allowed programs for computers using this policy.
(No list appears until you have added at least one allowed application to the policy.)
To remove an allowed Internet application from a policy:
1 On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy).
2 Click the Desktop Firewall tab.
3 In the list of Allowed Internet Applications, click remove for each application you want to delete
from the list, then click
Save.
Specify whether to use SonicWALL recommendations
SonicWALL maintains a whitelist of Internet applications it has determined to be safe at the
www.hackerwatch.org website. By default, the firewall protection service checks this website
whenever it detects an Internet application that the administrator has not specified as an
approved Internet application. You can change the setting of this option in a policy.
To ignore SonicWALL recommendations for Internet applications:
1 On the Groups + Policies page, click Add Policy (or click Edit to modify an existing policy).
2 Click the Desktop Firewall tab, deselect the Use Smart Recommendations to automatically
approve common Internet applications
checkbox, then click Save.
Authorize only applications you know are safe. If you are unsure an application is safe, we
recommend not adding it to the allowed Internet applications list.