Cortado Server – Manual

Firewall

16 views January 21, 2019 December 19, 2019 0

Create Firewall profile for macOS

From macOS X 10.12, Apple provides a program firewall which enables you to con­trol connections on a program basis (rather than on a port basis). This allows the ben­efits of firewall protection to be more easily utilized and prevents unwanted programs from taking control of network ports that are open for legitimate programs.

Note! This option is not available for devices that have been embedded via User Enrollment.

  • Select Firewall as the profile you wish to add. The following dia­logue will open.
configure Firewall profile

configure Firewall profile

Make the following settings:

  • Profile name: Specify a name for the profile.
  • Enable: Specify, whether the firewall should be enabled or not.
  • Block all incoming connections: Selecting this option prevents all sharing ser­vices, such as File Sharing and Screen Sharing from receiving incoming connec­tions. The system services that are still allowed to receive incoming connections are:
    • configd, which implements DHCP and other network configuration services
    • mDNSResponder, which implements Bonjour
    • racoon, which implements IPSec.
  • Stealth mode: You can activate stealth mode with this option. This makes it difficult for hackers and malware to discover the macOS devices. In stealth mode, your users’ macOS devices will neither react to ping requests nor to con­nection attempts from a closed TCP or UDP network.
  • Bundle ID: Here you can determine which apps are allowed or blocked from connecting to the macOS devices. Use the Bundle ID of each app for this and select Allowed or Not allowed.

You’ll find out here how to distribute the new profile (see section Assign profile).

Was this helpful?