Push a firewall profile with the AirWatch Agent v2.2+ for macOS to filter unauthorized connections to your enterprise network. Using the native firewall combined with the AirWatch Agent, you can monitor firewall settings and revert settings if unauthorized changes occur. Also, use the firewall to control incoming connections and protect computers against probing requests.

To create a firewall profile:

  1. Navigate to Devices > Profiles & Resources > Profiles and select Add. Select Apple macOS, and then select Device Profile, since this profile is only applicable to the entire device.
  2. Configure the profile's General settings.

    These settings determine how the profile deploys and who receives it. For more information on General settings, see Add General Profile Settings.

  3. Select the Firewall payload.
  4. Select Enable to allow firewall protection.
  5. Configure the following firewall settings:
    Setting Description
    Block all incoming connections Select this to block all incoming connections from sharing services, except for connections required for basic Internet services.
    Automatically allow signed software to receive incoming connections Select this to automatically allow only software signed by a developer and approved by Apple to provide services accessed from their network.
    Enable stealth mode Select this to prevent the computer from responding to or acknowledging requests made from test applications.
  6. Select Save & Publish to push the profile to the device. All AirWatch Agent functionality continues including Push Notifications even if Block incoming connections is selected.