Host Firewall

Control communications on your endpoints based on the network location of your device by using the Cortex XDR host firewall.
The
Cortex
XDR
host firewall enables you to control communications on your endpoints. To use the host firewall, you set rules that allow or block the traffic on the devices and apply them to your endpoints using
Cortex
XDR
host firewall policy rules. Additionally, you can configure different sets of rules based on the current location of your endpoints - within or outside your organization network. The
Cortex
XDR
host firewall rules leverage the operating system firewall APIs and enforce these rules on your endpoints, but not your Windows or Mac firewall settings.
The following are prerequisites to apply
Cortex
XDR
host firewall policy rules on your endpoints:
Platform
Requirements and Limitations
Windows
  • Cortex
    XDR
    agent 7.1 or a later release.
  • Cortex
    XDR
    host firewall rules can apply to both incoming and outgoing communication on the endpoint.
  • It is recommended to disable the windows firewall on endpoints running win 7 SP1 before applying the
    Cortex
    XDR
    host firewall profile.
Mac
  • Cortex
    XDR
    agent 7.2 or a later release.
  • Cortex
    XDR
    host firewall rules can apply only to incoming communication on the endpoint.
  • After you disable or remove the
    Cortex
    XDR
    host-firewall policy on the endpoint, the system firewall on the endpoint is disabled.
  • You cannot configure the following Mac host firewall settings with the
    Cortex
    XDR
    host firewall:
    • Automatically allow built-in software to receive incoming connections.
    • Automatically allow downloaded signed software to receive incoming connections.
Linux
Not supported.
To start using the
Cortex
XDR
host firewall, refer to:

Recommended For You