Firewall device policy

This policy lets you configure firewall settings for Samsung, macOS, and Windows devices.

To add or configure this policy, go to Configure > Device Policies. For more information, see Device policies.

Samsung SAFE settings

  • Allow/Deny host: For each host to which you want to allow or deny access, click Add and configure the following:
    • Host name/IP range: The host name or IP address range of the site you want to affect.
    • Port/port range: The port or port range.
    • Allow/deny rule filter: Click Whitelist to allow access or click Blacklist to deny access to the site.
  • Reroute configuration: For each proxy you want to configure, click Add and configure the following:
    • Host name/IP range: The host name or IP address range for the proxy reroute.
    • Port/port range: The port or port range for the proxy reroute.
    • Proxy IP: The proxy IP address for the proxy reroute.
    • Proxy port: The proxy port for the proxy reroute.
  • Proxy Configuration
    • Proxy IP: The IP address of the proxy server.
    • Port: The proxy server port.

macOS settings

Requires macOS 10.12 and later.

Image of Device Policies configuration screen

  • Enable Firewall. To enable the firewall, set this option to ON.
  • Block all incoming connections. When this option is set to ON, it blocks all incoming connections except the connections required for basic services.
  • Enable stealth mode. In stealth mode, the device doesn’t respond to or acknowledge attempts to access it from the network by test applications using ICMP, such as Ping. To enable stealth mode, set this option to ON.
  • App specific incoming connection settings. To allow specific apps to receive connections, add the apps and set Allowed to True.

Windows Desktop and Tablet settings

Requires Windows 10 Desktop and Tablet devices running Windows 10 RS3 and later.

Image of Device Policies configuration screen

  • Enable Feature: Controls incoming and outgoing traffic on computers to which this policy is deployed. Default is On.
  • Public Profile: Controls Windows Firewall while computers are connected to untrusted networks at public places, such as at an airport or coffee shop. Default is On.
  • Private Profile: Controls Windows Firewall while computers are connected to trusted networks, such as their home network. Default is On.
  • Domain Profile: Controls Windows Firewall while the computers are connected to the domain networks, such as at their workplace. Default is On.
  • Block all incoming connections, including those in the list of allowed programs: Default is Off.
  • Disable notifications to user when Firewall blocks a new program: Default is Off.

Firewall device policy