Control communications on your endpoints based on the
network location of your device by using the Cortex® XDR™ host firewall.
The Cortex XDR host firewall enables you to
control communications on your endpoints. To use the host firewall,
you set rules that allow or block the traffic on the devices and
apply them to your endpoints using Cortex XDR host firewall policy
rules. Additionally, you can configure different sets of rules based
on the current location of your endpoints - within or outside your
organization network. The Cortex XDR host firewall rules leverage
the operating system firewall APIs and enforce these rules on your
endpoints, but not your Windows or Mac firewall settings.
following are prerequisites to apply Cortex XDR host firewall policy
rules on your endpoints:
Requirements and Limitations
Cortex XDR agent 7.1 or a later
Cortex XDR host firewall rules can apply to both incoming and
outgoing communication on the endpoint.
It is recommended to disable the windows firewall on endpoints
running win 7 SP1 before applying the Cortex XDR host firewall profile.
Cortex XDR agent 7.2 or a later
Cortex XDR host firewall rules can apply only to incoming communication
on the endpoint.
After you disable or remove the Cortex XDR host-firewall policy
on the endpoint, the system firewall on the endpoint is disabled.
You cannot configure the following Mac host firewall settings
with the Cortex XDR host firewall:
Automatically allow built-in software to receive incoming connections.
Automatically allow downloaded signed software to receive incoming connections.
To start using the Cortex XDR host firewall,