In this section

• Home
• Support
• Knowledgebase
• Articles

Online support

• Knowledgebase
• Virus disinfection

Product maintenance

• Downloads and updates
• Documentation
• Software lifecycle

Contact support

• Talk to an expert
• Send a sample
• Email us

Support services

• Overview
• Technical Support
• Professional Services
• Technical Training

Sophos small business solutions: setting up the client firewall with standard applications

These instructions assume that you have installed your network with the Sophos small business solutions version of the Sophos Client Firewall with the default settings (Outbound only mode).

To enhance your firewall protection you can customise your rules using a test computer. These instructions detail how to use a more exacting configuration than the small business solutions default, while giving access to several standard office applications.

You can then add further applications as you wish, and export this configuration for importing to your whole network.

What to do

1. Setting up a test computer

After you have selected a test computer, you will need to separate it from the network firewall configuration. Then you can set up your custom rules.

1. At Sophos Control Center, right-click your selected computer and in the menu that is displayed deselect 'Use central firewall configuration'.
2. Go to your test computer and log on as administrator.
3. Right-click the Sophos Client Firewall (wall) icon in the system tray.
4. Select 'Configure'. The client firewall configuration panel opens.
5. Click 'Default'. (Note: This default configuration is different from the one deployed from the Sophos Control Center, and uses much stricter rules.)
6. Select 'Interactive'.

2. Allowing access to local network activity (NetBIOS)

You will need to give access to the local network (LAN).

1. Select the LAN tab in the client firewall configuration panel.
2. Click 'Detect'.
3. Click 'OK' when asked if you want addresses to be detected automatically.
4. Select 'NetBIOS'.

3. Using interactive mode to give access to standard applications

The computer's firewall is in interactive mode. You can now run your usual applications and give any that need it internet access. For example, to add Internet Explorer, do as follows:

1. Double-click Internet Explorer.
2. In the Sophos Client Firewall dialog, select 'Add the checksum to existing checksums for this application'.
3. Click 'OK'.
4. In 'An application has requested network access' ensure that 'Create rule for this application using preset' and 'Browser' are selected.
5. Click 'OK'.

Internet Explorer will now have access to the internet. Other commonly used presets include the one for email.

If no preset is available, follow the instructions on screen.

4. Giving Windows Update access

Please follow the instructions in this knowledgebase article.

5. Exporting and deploying your configuration

Once you are satisfied with your configuration, follow the instructions in these knowledgebase articles:

• Export the configuration.
• Merge the configuration with the one on your server.

The edited configuration will be deployed to your workstations automatically. To force an immediate update, right-click them and select 'Update'.

6. After deployment

Reintegrate your test workstation into your network.

1. Open Sophos Control Center.
2. Right-click your selected computer.
3. In the menu that is displayed, select 'Use central firewall configuration'.

If you need more information or guidance, then please contact technical support.

• Article ID: 17445
• Created: 10 Oct 2006
• Last updated: 10 Oct 2008

Rate this article Choose a rating Very useful Quite useful Moderately useful Not very useful Not useful at all

•  Read our search tips
• Contact one of our experts
• Suggest an improvement