In this section

• Home
• Support
• Knowledgebase
• Articles

Online support

• Knowledgebase
• Virus disinfection

Product maintenance

• Downloads and updates
• Documentation
• Software lifecycle

Contact support

• Talk to an expert
• Send a sample
• Email us

Support services

• Overview
• Technical Support
• Professional Services
• Technical Training

Sophos small business solutions: client firewall custom configuration

Besides using outbound only and named program mode, you can also set up a custom configuration of the Sophos small business solutions version of Sophos Client Firewall.

There are two methods of doing this, interactive mode and non-interactive mode. Of these, non-interactive mode is the more complex.

• In interactive mode you set up a test workstation and run the programs that will need to access the local network and internet. When a program tries to gain network access, Sophos Client Firewall will ask you if it is to grant permission. Sophos Client Firewall will construct rules for your network from the information that you supply.
• In non-interactive mode you set up your configuration by writing the rules manually.

This article describes using interactive mode to create a custom configuration. A separate advanced custom configuration article describes the use of non-interactive mode.

What to do

1. Setting up rules in interactive mode

In interactive mode, the firewall asks you, with a pop-up dialog, what it should do when an attempt is made by a program to access the network or internet. This mode is useful when building an initial set of rules. It may also be the best permanent solution for some remote users.

• Interactive mode can be used only on a workstation running Sophos Client Firewall, it cannot be run from Sophos Control Center.
• Rules built in interactive mode should be imported into Sophos Control Center for deployment to other workstations.

2. Selecting a suitable workstation

Set your rules up on a workstation that is representative of others on your network. For example, it will need to run both applications that access the local network (including word processors, etc., that write to network drives) and those that access the internet (web browsers, email clients, instant messaging clients).

3. Accessing interactive mode

Go to your selected workstation

• right-click the notification area (brick wall) icon in the system tray
• select 'Configure'
• in the General tab, select 'Interactive. The firewall asks you how to deal with traffic.'

4. Checking your regularly used programs

Launch all of your regularly used programs.

• Allow those that you want to give access to your local network and the internet.
• Block those that you do not.

5. Exporting your configuration

After a suitable test period, export the configuration from the test workstation and import it into the central configuration in Sophos Control Center. You can add to your existing configuration by merging the two configurations.

You can also edit the configuration further in non-interactive mode.

If you need more information or guidance, then please contact technical support.

• Article ID: 16799
• Created: 27 Jul 2006
• Last updated: 9 Oct 2008

Rate this article Choose a rating Very useful Quite useful Moderately useful Not very useful Not useful at all

•  Read our search tips
• Contact one of our experts
• Suggest an improvement