You can perform actions on rules and rule groups on the Host-based Firewall tab.

Prerequisites

Procedure

  1. On the left navigation pane, click Enforce > Policies.
  2. Select the policy.
  3. Click the Host-based Firewall tab.
  4. Perform any of the following actions on an individual rule group:
    • Copy a single rule group: Click the Copy icon to the right of the rule group. You can copy the rule group to all policies or selected policies. The copied rule group is ranked lowest in the policies into which it was copied.
    • Copy multiple rule groups: Select the checkboxes next to the rule groups that you want to copy. A Copy option displays above the list of rule groups. Click Copy to copy the selected rule groups to all policies or selected politics.

      Example of Copy option for multiple rule groups

      The copied rule groups are ranked lowest in the policies into which they were copied.

    • Edit the rule group: Click the Pencil icon to the right of the rule group. You can then add, remove, or copy rules, rename the rule group, enable specific rules, or reorder the rule ranking.

    • Delete the rule group: Click the Trashcan (delete) icon to the right of the rule group. Click Delete to confirm the action.
    • To view a rule group's rules, click the > to the left of the rule group to expand it. You can enable, disable, and test individual rules in this view. To enable a rule, select the Status check box. To disable a rule, deselect the Status check box. To test a rule, click Test rule. See Test Host-based Firewall Rules.
    • To export all host-based firewall rule data into a CSV file, click the Export button in the upper right section of the page.

      Expanded rule group

  5. Perform global actions on rule groups or rules from the Actions menu:
    • Reorder rule groups: You can change the order (rank) of the rule groups. After you click this option, you can drag and drop rule groups into the preferred order. Rule groups are processed by rank order. Click Confirm to complete the reordering.
    • Copy all rule groups: You can copy the rule groups to all policies or selected policies. The copied rule groups are ranked lowest in the policies into which they were copied.
    • Enable all rules: Click this option to enable all rules in the policy. Click Enable to confirm the action.
    • Export rules: To export the host-based firewall rule data into a CSV file, click the Export button in the upper right section of the page.

What to do next

Enable the Host-based Firewall Sensor Setting