Sophos Client Firewall: how to configure it as a packet filtering firewall
To run the Sophos Client Firewall just as a packet filtering firewall, you must switch off scanning for hidden process launchers.
The LaunchHiddenProcesses options, which are not visible to the user, must be set to 'Off', to ensure that the firewall does not block the processes which LaunchHiddenProcesses launches.
What to do
1. Change the LaunchHiddenProcesses setting to 'Off'
Update Enterprise Console to version 3.0. This will ensure that it includes the resource files for Sophos Client Firewall version 1.5.
2. Create a new policy which will have the LaunchHiddenProcesses option set to false
- Go to a workstation which has version 1.5 of the Sophos Client Firewall installed, and make a copy of C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Client Firewall\Configuration.conf
- Go to the computer which has Enterprise Console installed on it, and create a new firewall policy.
- In the new firewall policy, on the General tab, in the Managing Configuration section, click on the 'Import' button.
- Locate the file,
Configuration.conf,which you made a copy of above, and choose to import it - When prompted choose to:
- Load the general configuration
- Load the global and application rules
- Overwrite
- This has now created a new policy where the LaunchHiddenProcesses option is set to 'False'.
- Now add the rest of your policy, and apply it to your client computers.
If you need more information or guidance, then please contact technical support.
- Article ID: 23277
- Created: 15 Feb 2007
- Last updated: 10 Oct 2008
