Control communications on your endpoints based on the
network location of your device by using the Cortex XDR host firewall.
The
Cortex
XDR
host firewall enables you to control
communications on your endpoints. To use the host firewall, you
set rules that allow or block the traffic on the devices and apply
them to your endpoints using
Cortex
XDR
host firewall policy rules. Additionally, you can configure
different sets of rules based on the current location of your endpoints
- within or outside your organization network. The
Cortex
XDR
host firewall rules leverage the operating
system firewall APIs and enforce these rules on your endpoints,
but not your Windows or Mac firewall settings.
The following
are prerequisites to apply
Cortex
XDR
host firewall policy rules on your endpoints:
Platform
Requirements and Limitations
Windows
Cortex
XDR
agent 7.1 or a later release.
Cortex
XDR
host firewall
rules can apply to both incoming and outgoing communication on the
endpoint.
It is recommended to disable the windows firewall on endpoints
running win 7 SP1 before applying the
Cortex
XDR
host firewall profile.
Mac
Cortex
XDR
agent 7.2 or a later release.
Cortex
XDR
host firewall
rules can apply only to incoming communication on the endpoint.
After you disable or remove the
Cortex
XDR
host-firewall policy on the endpoint, the system firewall
on the endpoint is disabled.
You cannot configure the following Mac host firewall settings
with the
Cortex
XDR
host firewall:
Automatically allow built-in software to receive incoming connections.
Automatically allow downloaded signed software to receive incoming connections.
