Host Firewall

Control communications on your endpoints based on the network location of your device by using the Cortex® XDR™ host firewall.
The Cortex XDR host firewall enables you to control communications on your endpoints. To use the host firewall, you set rules that allow or block the traffic on the devices and apply them to your endpoints using Cortex XDR host firewall policy rules. Additionally, you can configure different sets of rules based on the current location of your endpoints - within or outside your organization network. The Cortex XDR host firewall rules leverage the operating system firewall APIs and enforce these rules on your endpoints, but not your Windows or Mac firewall settings.
The following are prerequisites to apply Cortex XDR host firewall policy rules on your endpoints:
Platform
Requirements and Limitations
Windows
  • Cortex XDR agent 7.1 or a later release.
  • Cortex XDR host firewall rules can apply to both incoming and outgoing communication on the endpoint.
  • It is recommended to disable the windows firewall on endpoints running win 7 SP1 before applying the Cortex XDR host firewall profile.
Mac
  • Cortex XDR agent 7.2 or a later release.
  • Cortex XDR host firewall rules can apply only to incoming communication on the endpoint.
  • After you disable or remove the Cortex XDR host-firewall policy on the endpoint, the system firewall on the endpoint is disabled.
  • You cannot configure the following Mac host firewall settings with the Cortex XDR host firewall:
    • Automatically allow built-in software to receive incoming connections.
    • Automatically allow downloaded signed software to receive incoming connections.
Linux
Not supported.
To start using the Cortex XDR host firewall, refer to:

Recommended For You